This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] New Abuse Information on RIPE NCC Website
- Previous message (by thread): [anti-abuse-wg] New Abuse Information on RIPE NCC Website
- Next message (by thread): [anti-abuse-wg] New Abuse Information on RIPE NCC Website
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Frank Gadegast
ripe-anti-spam-wg at powerweb.de
Fri Jun 21 16:00:29 CEST 2013
Suresh Ramasubramanian wrote: > > and yes, outbound mail scanning is a widely recognized best practice But this is in some countries or under some other regulations no option. > > no, it would not have helped in the Latvia case because the ISP in > question was hosting botnet command and control sites, which don't tend > to control bots or run telemetry over smtp. > > On Friday, June 21, 2013, Sascha Luck wrote: > > On Fri, Jun 21, 2013 at 02:50:35PM +0200, peter h wrote: > > A few providers actually prevent spam. Those won't show up in > listings. > To stay out of listings one has to be more then whining, one has to > actually prevent spam originating! > > > Just for the avoidance of doubt, are you arguing for the scanning of the > content of outgoing third-party email (aka Censorship) in order to avoid > landing on some blocklist? There is a much easier way of finding botted PCs dialing into your own network without having to scan outgoing mail. Lets say your dialin users are also having email services with you and they already have a anti-spam system running along with those services. Simply check incoming spam if they originate from your own dialin networks ;o) If your big enough, its likely (its proofed that its working) that your own customers receive spam from botted PCs that are also your customers. If detected, call them and explain the problem, they will love this service ... This simply works because most botted PCs used to send out mail also scan the address books of those users and the friends or family or colleges tend to use the same provider. Or: simply count the amount of mails coming out from dialin IPs and look for unregular peeks ... that should be allowed in most countries ... Kind regards, Frank > > rgds, > Sascha Luck > > > > > -- > --srs (iPad)
- Previous message (by thread): [anti-abuse-wg] New Abuse Information on RIPE NCC Website
- Next message (by thread): [anti-abuse-wg] New Abuse Information on RIPE NCC Website
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]