[Dshield] Re: Risk Assessment

Mar Matthias Darin BDarin at tanaya.net
Wed Oct 27 09:05:36 GMT 2004


I can honestly say yes as I receive constant feedback from them and adapt as 
necessary to accomodate their needs/wants. 

I list my server as a private filtered system with a complete list of 
exactly what gets stopped at the door.  Understandably, not every user will 
subscribe to a service such as mine.  But the one that have haven't left 

Alan Frayer writes: 

> Are you SURE your users call it efficient? Looks to me like you keep
> your users like mushrooms. 
> If I were hosting users, I think I could effectively filter their
> e-mails without being as dramatic.

Good question...  About a month ago I had a majority request to disable the 
email blocking engines for a 30 day review.  I will be quite honest that 
this period was a hair pulling experience for me.  The 30 day review lasted 
3 daya. My postmast account was overloaded with mail to re-activate the 
email blocking engine. 

I took a survey afterwards regarding the email they received.  The 
overwhelming result was that they hard a hard time finding real mail from 
the spam and quite a few said they inadvertently deleted their real mail 
trying to wade through the spam. 

In the event that something does break (bad patch or buggy update), I do 
hear about, either by email or by phone.  All of my users have both and will 
not hesitate to use them at any given time.  When a user signs on, 
everything is layed out clearly.  Also my userbase is by referal.  I don't 
advertise, The users do that for me. 

As to the intelligence of my users, Of the top of my head, I can think of at 
least 10 PhD's that are users on my system.  The fields of expertise ranges 
from Theology to Electrical Engineering.  My advantage point is that my 
users have set items they require or want for their work/research.  In all 
cases security is the #1 item on the list. 

All of them have used other services and they still chose the limits of my 
server. Ex- AOL, EarthLink and MSN user comprise about 50% of my userbase. 

I fill a nitch in the market and as long as their is a nitch, there will 
always be someone there to fill it.  Its no different then SafeNet or other 
service that stays in business by users that WANT limits (antispam, parental 
filters, and so on). 

As to my competitors, working in a nitch market means that I have no or very 
little competition.  Its very different that a regular public market. 

Public markets work on competition, which is good for consumers.  Nitch 
markets exist because the public market doesn't or won't provide the 
specific services/limits the consumer seeks. 

> How would they know? If you exclude those e-mails without rDNS, then
> your users never receive the e-mails from those with less than perfect
> system admins, and they may never know they don't get it... Or do you
> simply say, "Ignorance is Bliss"? 
> I guess you don't host any e-commerce sites. If you did, you'd be
> risking a fair amount of business from people who simply think the
> business is uncaring, because the business never replies to e-mails. 
> Oh, and if you shut off the services used as health indicators (ping,
> traceroute, etc), I guess you'd never know if it DOES work for all of
> you. 
> Lucky your competitors don't have your client list... Or tell me who
> your clients are, I'll educate them, and THEY can tell you what's
> idiotic, since THEY are paying your bills.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://www.dshield.org/pipermail/list/attachments/20041027/7839c4b3/attachment.bin

More information about the list mailing list