More on spamming..
Stephan Hermann sh at nwu.de
Wed Oct 1 11:51:38 CEST 1997
Hi, At 10:13 01.10.97 +0100, Alex Bligh wrote: >Stephan Hermann <sh at nwu.de> wrote: >> At 02:43 01.10.97 +0200, Geert Jan de Groot wrote: >> >People may be interested to read http://maps.vix.com. It is my understanding >> >> I think, it's not a solution to build a frontier to the ISPs who are >> housing such spammers. We must stop those spammers with commercial ideas >> not with technical solutions such as filtering out IPs with as-path access >> lists. > >Um, please read how the list works - it doesn't use as-path access list. >It sends /32 routes (normally) for specific hosts which orginate spam, >and transiently for specific relays currently being used to propogate >spam. Well...how can I filter hosts out, which are connected dynamically. The most spams I get, are from several IPs which are dial-up customers of (well known) ISPs in USA. Sure, I can stop them, if I know the whole subnet for the dial-in servers from the ISPs. I can filter out the relay hosts, ok...but our customers gets e.g. mail from customers of sprint, and I block the incoming connection from customer-mail-relay.sprint.net (e.g.!!!). Well...then I can go and close my business ;) No, if we want to stop those spammers, the logical idea is, that all ISPs which are housing such spammers must ban them from their servers. They must disconnect every PoP, which is housing such spam customers. Well, in Germany we have several problems with aol germany and t-online (a service by Deutsche Telekom). What can we do ? Block the connections to aol.com ? block the connections to t-online ? if I do that, I'm going to get so much angry mails from my customers, that I wish: "Give me Spams..but no more mails from my customers". I don't know the situation in other countries, but blocking is not the answer of our problem. We must find an answer, in a quite "commercial sense". Those people, IMHO, stop spamming, if they get an invoice for IP traffic or a letter from our lawyer. >Sure it's no defence, but every 3rd party (and, in one instance, >a customer - tut tut) who has been on this list and complained about >lack of connectivity to my network has since fixed their mail relay not >to forward spam (we take the feed). It's very effective at reducing >the amount of spam you get (at least for those zones which don't >have topologically distant backup MX). well..some of the customers wants to get those mails (yes...it's the truth...I don't know why, I think they're happy to receive email ;)) The only way to stop this is, to get a position in the contract between service provider and PoP, or between service provider and customers, that the PoP and/or the customer are billed for such traffic. You know, "money makes the world go round". > >> One (technical) idea can be, to install two smtp server: > >All this does is stop you relaying. You can do this on one server >with the no relay patches on > http://www.sendmail.org/ >if you can get the IP address stuff to work right, though we use >two servers for other reasons. well...we're changing our internal network to a secure server network (SSN). So, my second smtp server is in this SSN and the first smtp server is in front of that network. so, our second smtp can go out, but no one can get in and use my second smtp for relaying :) ReadU, sh -- Stephan Hermann, techn. Leiter Netzwerk u. Telekommunikation eMail: sh at nwu.de NWU Gesellschaft fuer Netzwerke und Telekommunikation mbH Tel.: +49-231-9860143 Heinrichstr. 51, 44536 Luenen FAX : +49-231-9860148 -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 355 bytes Desc: not available URL: <https://www.ripe.net/ripe/mail/archives/lir-wg/attachments/19971001/cdfa7e10/attachment.sig>
[ lir-wg Archives ]