Talk:Open Relay Behavior-modification System

New Zealand Low‑importance

	New Zealand portal This article is within the scope of WikiProject New Zealand, a collaborative effort to improve the coverage of New Zealand and New Zealand-related topics on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.New ZealandWikipedia:WikiProject New ZealandTemplate:WikiProject New ZealandNew Zealand articles
Low	This article has been rated as Low-importance on the project's importance scale.

Internet

	Internet portal This article is within the scope of WikiProject Internet, a collaborative effort to improve the coverage of the Internet on Wikipedia. If you would like to participate, please visit the project page, where you can join the discussion and see a list of open tasks.InternetWikipedia:WikiProject InternetTemplate:WikiProject InternetInternet articles
???	This article has not yet received a rating on the project's importance scale.

Aftermath[edit]

It's gratuitous and unsubstantiated to claim that it was block lists that led to spammers discontinuing use of open relays. It's far more likely that it was the success of a small number of open relay honeypots that led to spammers seeking another means of distributing spam. Michael Tokarev ran a very successful honeypot in Moscow, one that had a brilliant feature: it logged the incoming spam on a web page. The log included the IP address of the source of the spam. The URL of the honeypot log could be sent to the abuse desk of the ISP that was the apparent source of the spam and the ISP could then watch the log and cancel the accounts using the IP addresses that showed up. That quickly burned up the spammer's stock of accounts to be used for abuse since he had never experienced such rapid and certain loss of accounts before. When the spammer was using UU.net accounts Tokarev could see, in the logs for the web page that had the log, the spread of accesses to that web page through the IP addresses used by uu.net: others besides the abuse desk obviously were being alerted to the tool and what it represented. [Most of this is unsourced and private communication and ineligible for inclusion in Wikipdia.] You can find discussions of the honeypot by Michael Tokarev using Google search.

The spammer shut down by the honeypot was a Ralsky associate in Texas. One of the original open relay test messages trapped by the Moscow honeypot went to a server in the Detroit area.

The honeypot web page is still there, showing the sources of the last spam messages received before the honeypot was disabled. [1]

The Jackpot honeypot, designed to run on Windows systems, also logged the spam to web pages. As it was a Windows program it made possible the creation of a substantial number of fake open relays that could be used to directly combat spammer activity. Whether a "substantial number" ever exited is not known. --Minasbeede 00:42, 22 September 2007 (UTC)[reply]

External links modified[edit]

Hello fellow Wikipedians,

I have just added archive links to 2 external links on Open Relay Behavior-modification System. Please take a moment to review my edit. If necessary, add {{cbignore}} after the link to keep me from modifying it. Alternatively, you can add {{nobots|deny=InternetArchiveBot}} to keep me off the page altogether. I made the following changes:

When you have finished reviewing my changes, please set the checked parameter below to true to let others know.

This message was posted before February 2018. After February 2018, "External links modified" talk page sections are no longer generated or monitored by InternetArchiveBot. No special action is required regarding these talk page notices, other than regular verification using the archive tool instructions below. Editors have permission to delete these "External links modified" talk page sections if they want to de-clutter talk pages, but see the RfC before doing mass systematic removals. This message is updated dynamically through the template {{source check}} (last update: 18 January 2022).

If you have discovered URLs which were erroneously considered dead by the bot, you can report them with this tool.
If you found an error with any archives or the URLs themselves, you can fix them with this tool.

Cheers.—^{cyberbot II}_{Talk to my owner:Online} 18:18, 16 January 2016 (UTC)[reply]

Assessment comment[edit]

The comment(s) below were originally left at Talk:Open Relay Behavior-modification System/Comments, and are posted here for posterity. Following several discussions in past years, these subpages are now deprecated. The comments may be irrelevant or outdated; if so, please feel free to remove this section.

Comment(s)

Press [show] to view →

This wikipedia article is incorrect.

Actrix was not listed for blocking ORBS relay tests, I can say with complete accuracy as the person who built and maintained Actrix mail system, that Open Relay tests were allowed.

Actrix was added for, and I quote the message from ORBs "Delivery point for domainz.net.nz" Actrix hosted domainz email, Alan was in a legal dispute with Patrick Obrien, who worked for domainz. Alan added Actrix to prevent Patrick receiving work related email.

Additionally, this article cites references, that are not accurate. The article http://archive.salon.com/tech/feature/2001/06/08/orbs/index2.html states:

"Brown then said that he would comply, but he remained unrepentant. "ORBS policy is that if you threaten ORBS you'll be manually listed," he said, according to a story in IDG New Zealand. "Telecom [Actrix and Xtra Mail's parent company] threatened me with legal action for two years."

Actrix was not, and has never been, owned or controlled in anyway by Telecom. Actrix was owned by Hal King, and later West 175 media. This is a matter of public record.

Actrix had also never had any communication with Alan Brown until such time as they found themselves listed with ORBs

Last edited at 02:48, 30 April 2009 (UTC). Substituted at 01:53, 30 April 2016 (UTC)