This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[anti-abuse-wg] Abuse: dnsbl - trust and other factors
- Previous message (by thread): [anti-abuse-wg] VERIFIED[.]IS
- Next message (by thread): [anti-abuse-wg] Abuse: dnsbl - trust and other factors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
andre at ox.co.za
andre at ox.co.za
Wed Aug 10 08:28:53 CEST 2016
Recently, in another thread, Suresh Ramasubramanian said that: "I trust spamhaus, especially related to their DROP list, which is extremely specific in its listing critieria" Then, I thought about how many abuse lists and dns blocklists there are and why this is the case, as even I trust (use & report to Spamhaus) but I also run a public / free dnsbl myself So why is this? - It is all about trust. It is also about policies - but what else is it? The listing and delisting criteria has to be clear, fair, transparent, etc maybe in terms of http://spamid.net/rfc5782.txt and http://spamid.net/rfc6471.txt But what else? Why did I feel the need to devops my own anti spam system after 25 years of dealing with abuse? For one: I trust myself And as I have not yet found anything that stops spam, phish, abuse dead in its tracks, and there is, on ALL of the dnsbl's - much politics... How many ESP's & ISP's operate their mass or bulk spam is to send the spam from an IP where 50% of the email is legit and valuable emails and 50% is spam... Also, they do not respond to abuse complaints from small organisations or small isp's or "little ants" - They are similar to cockroaches, only on the move when there is a bright light shined on them... Here is an example, of an IP number/operator - who is blocked nowhere and whom has received spam/abuse reports - and have done absolutely nothing about that... - and who hides legit emails - between the spam they relay... Not saying Mimecast is an evil cockroach, just that the example headers came in a few minutes ago - and matches the description of an supposedly "ethical" operator that hides spam in among relaying emails from .gov etc. - this operator is blocked nowhere - as their abuse behavior is to limit the percentage spam transmitted to a ratio (for example maybe 10% spam and 90% legit - or whatever) - to a ratio that would not get them blocked on spamhaus or any of the other dnsbl... Even my own blocklists cannot block Mimecast - even though they transmit spam/phish/crime/virus/spam Otherwise I lose clients... - AND Suresh Ramasubramanian and other similar people think that my block lists cannot be trusted... And this, the fact that : **** senders of abuse are not punished **** is why we have spam abuse in 2016. Society does not want to stop spam - if they did - there will be no spam in 2016. - comments? Andre *************************************** Spam/Abuse example: Return-Path: <bounces at thompsons.co.za> Delivered-To: spamtrap Received: from web.hostacc.com by web.hostacc.com (Dovecot) with LMTP id WfMLDSLBqlfIaQAAzD9rAQ for <spamtrap>; Wed, 10 Aug 2016 07:52:34 +0200 Received: from za-smtp-delivery-158.mimecast.co.za ([41.74.201.158]:20262) by web.hostacc.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-SHA:256) (Exim 4.87) (envelope-from <bounces at thompsons.co.za>) id 1bXMRN-00072M-Ly for spamtrap; Wed, 10 Aug 2016 07:52:34 +0200 Received: from ENGAGE01.cullinanholdings.co.za (105.255.128.165 [105.255.128.165]) by za-smtp-1.mimecast.co.za with ESMTP id za-mta-3-amlQSfYROryRH3Zamhv7uw-1; Wed, 10 Aug 2016 07:51:50 +0200 Received: from engage.cullinanholdings.co.za ([172.17.49.40]) by ENGAGE01.cullinanholdings.co.za with Microsoft SMTPSVC(7.5.7601.17514); Wed, 10 Aug 2016 07:51:50 +0200 Message-ID: <87f5d9e3c1226a1227d83bf22427355e at engage.cullinanholdings.co.za> Date: Wed, 10 Aug 2016 07:51:50 +0200 Subject: Launching Spain at Irresistible prices From: Thompsons For Travel <travel at thompsons.co.za> Reply-To: Thompsons For Travel <travel at thompsons.co.za> To: SpamTrap MIME-Version: 1.0 X-Campaign: 11507 X-Subscriber: 204641 X-OriginalArrivalTime: 10 Aug 2016 05:51:50.0330 (UTC) FILETIME=[49F179A0:01D1F2CB] X-MC-Unique: amlQSfYROryRH3Zamhv7uw-1 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable Launching Spain at Irresistible prices View this mailer online | Add Thompsons to your safe senders list You are receiving this mail as you have subscribed to Thompsons Travel newsletters. We NEVER send out any unsolicited e-mail. Should you wish to leave our mailing list unsubscribe here Disclaimer The information contained in this communication from the sender is confidential. It is intended solely for use by the recipient and others authorized to receive it. If you are not the recipient, you are hereby notified that any disclosure, copying, distribution or taking action in relation of the contents of this information is strictly prohibited and may be unlawful. This email has been scanned for viruses and malware, and automatically archived by Mimecast SA (Pty) Ltd, an innovator in Software as a Service (SaaS) for business. Mimecast Unified Email Management ™ (UEM) offers email continuity, security, archiving and compliance with all current legislation. To find out more, contact Mimecast.
- Previous message (by thread): [anti-abuse-wg] VERIFIED[.]IS
- Next message (by thread): [anti-abuse-wg] Abuse: dnsbl - trust and other factors
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]