<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-15">
</head>
<body bgcolor="#ffffff" text="#000000">
-----BEGIN PGP SIGNED MESSAGE----- <br>
Hash: SHA1 <br>
<br>
When starting with <a class="moz-txt-link-abbreviated" href="http://www.netsecdb.de">www.netsecdb.de</a> in 2008 i'd never expected the<br>
decrease of spams to round about 1% of former amount to remain a<br>
stable value. Stats from last weeks, monthes and year now give proof<br>
that the setup of a central communitation matrix based on worldwide<br>
IPv4-whois databases was a great help in fighting abusive mails and a<br>
lot more.<br>
<br>
Inspite of common hosting environments the number of spams is<br>
generally lower that the amount of mails containing wanted messaging.<br>
The hourly auto-generated configuration files for MTAs like postfix,<br>
exim, qmail and MS Excchange 2007 and later used on external partner<br>
servers show same progresses.<br>
<br>
In addition, files that contain the blocking lists for leading TOP25<br>
spammer-country are distributed for free.<br>
<br>
Starting from scratch with a localized german based environment, we<br>
opened netranges from additional countries based on the incoming<br>
spamlevel. Nowadays, networks from DE, CH, AT, BE, NL, FR, GB, LU, LI,<br>
IE, IT, CZ, SE, GR, PT, NO, PL, IS, FI, ES, DK, SK, HU, RO, BG, LT,<br>
LV, EE, US, CA, IL and defined customer nets don't get blocked but get<br>
tickets instead. If a non-customers's netrange abuse-email is<br>
invalid/non-functional, range gets blocked.<br>
<br>
Many providers integrated ticket-systems for abuse-handling and<br>
improved their quality management a lot. Only a few remained passive<br>
and surprisingly a handful of ISPs still seem to work with quota<br>
limited mailboxes to avoid a kind of work-overload.<br>
<br>
Logfiles show an increasing number of HEADER connects to our<br>
smtp-ports just to check the current status of single IP or netrange<br>
returned by our servers.<br>
<br>
Within the last monthes, netsol worked on rwhois integration into ARIN<br>
whois outputs which finetuned the process of generating abuse-tickets<br>
a lot.<br>
<br>
Many RIPE members started updating their whois records and abuse-mail<br>
contacts. Sometimes this results in an very effective workflow with<br>
only a few seconds response time over far distance whereas local<br>
providers still cannot be reached cause of invalid or missing contact<br>
records.<br>
<br>
Unfortunately the RIPE team stated by mail, that they have no<br>
job-order to take care of the integrity of it's database records i.e.<br>
finding ancient content with missing or invalid information gives<br>
random results.<br>
<br>
There seems to be no need for a RIPE member to keep it's records<br>
up-2-date ?<br>
<br>
Any additional information regardings spams, exploit attacks, hacking<br>
can be taken from <a class="moz-txt-link-abbreviated" href="http://www.netsecdb.de">www.netsecdb.de</a> site's sections.<br>
<br>
I wonder how long hosters are willing to pay the traffic, energy and<br>
CPU-time for something nobody needs to have.<br>
I wonder how long i takes for the DialUp- and Business Customers to<br>
learn, that security is a crucial part of internet activities and that<br>
their ISP's deliver very diffent qualities behind their mostly<br>
coloured flash-animated websites.<br>
<br>
Looking forward to see the current unsolved problems beeing<br>
transported to public clouds in datacenter and poisoned high bandwith<br>
customer connections if everything remains 'same procedure as every<br>
year' ...<br>
<br>
Kind regards,<br>
<br>
Claus<br>
<br>
<br>
<br>
<br>
<br>
- -- <br>
<br>
Claus Marxmeier<br>
<br>
<br>
- ---<br>
Claus Marxmeier EDV-Service<br>
Johann-Kierspel-Straße 5<br>
51491 Overath <br>
Germany<br>
<br>
-----BEGIN PGP SIGNATURE----- <br>
Version: GnuPG v1.4.10 (MingW32) <br>
Comment: Using GnuPG with Mozilla - <a class="moz-txt-link-freetext" href="http://enigmail.mozdev.org/">http://enigmail.mozdev.org/</a> <br>
<br>
iEYEARECAAYFAku6h3oACgkQUIsBFYVeBxC82gCfReNpv+rLKbb2n9vRxwoizCv+ <br>
0UAAn18QA/Y6irneBZyvcty9NGiKDHgq <br>
=MuBy <br>
-----END PGP SIGNATURE----- <br>
<br>
</body>
</html>