[Dshield] mail1.giac.net spamcop listed]
jayjwa at atr2.ath.cx
Mon Dec 15 18:14:07 GMT 2003
On Mon, 15 Dec 2003, Hanke Penning wrote:
> Subject: Re: [Dshield] mail1.giac.net spamcop listed]
> > Far better would be for the IPs to actually throw some time, money and
> > effort at tracking down where the Spam commands actually originate then
> > charging them for unauthorized spamming, or theft of computer time or
> > something similar. We all know ISPs keep logs.
> Very nice, please explain *this* to Comcast or RR.COM or the whole China
> and/or Korea. Or explain it to the IP which *live* from supporting
> There is only the chance to BLOCK. And if China and Korea and Comcat and
> RR and Rackspace and all the other are completely blocked, and nobody
> spam from them... they *perhaps* may think about you words, but till
Then let's make that day come sooner- everyone that administers a mail
server, if you constantly receive spam from a domain- block it. I block
all of China, Korea, and "odd" top-level domains. No one in Liberia has any business
mailing anyone at my server. Then there's the "do-nothing" ISPs. I've
fought with Telnor, Tiscali, ntlworld.com, rr, netvigator, btinternet,
comcast, and a few others on a regular basis. One of the above was mailing
what turned out to be viruses to my host 5 times an hour- everyhour- for
several weeks. Of course they got permanently banned, but I still saw
them in the firewall logs, banging away with reckless abondon. I mailed
their abuse desk several times (4+), included full headers, firewall logs,
MTA logs, and actual emails + attachments.
They said it was my fault, for not issuing a 550 instead of
dropping all traffic from them. I did do this- for the first few days.
After that I simply got tired of logs filled with their host name in it.
When these companies realize that they in effect can not contact to any
host at all, because of banning and blacklisting, and their customers
realize this, their clients will pull out, and the isp's will lose vast
amounts of money. That _will_ get there attention, and make them see that spam
hosting and ignoring other similar problems is to their disadvantage.
Follow the blocklists religiously (Sans, etc)- if these spam & virus
housers won't do something about the problem, they should be cut off from
the rest of the Internet.
[jayjwa] RLF#37 Raq glenaal: Nffnfvangr Ovyy Tngrf
[Atr2.Ath.Cx Labs] Jvaqbjf vf n qvfrnfr
Finger for proj. "Putting encryption to good use."
=Linux Tough.Powered By Slackware=-HTTPS|FTP|SILC|SSH-=
More information about the list