[Dshield] Users don't pay attention

Ted Cooper sansX0405 at elcsplace.com
Sat Aug 20 03:24:43 GMT 2005


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Abuse wrote:
> I think blocking port 25 is a very good strategy as this blocks most of the
> compromised computers (which is the main source of spam).  If you want to run
> your own email server then set it up to relay all of your out bound email
> through your ISPs email server.  You can still receive email directly into your
> email server without any problems.
> 
> Please explain to me why this does not work?

It doesn't work where the ISP doesn't maintain or look after their mail
servers and as a result, sending mail through their servers takes anywhere
from a few hours, to a few days.
Here in Australia, this is the pretty much the story for a certain large
un-named ISP. Sending mail through their mail servers is no garantee of the
mail ever being delivered as their servers get blacklisted and bogged down
with spam.
The solution for customers on this network is to set up a fully featured Exim
mail server and use that.

If this isn't bad enough - their solution to multiple zombies overloading
their client DNS servers was to add hundreds of extra DNS servers. Needless to
say, this plan failed and they actually had to start disconnecting zombie users.

Yes, the best solution would be to not use them, but they are the giant telco
and the mammas and papas (and their small businesses) can't see past them.

I'd rather use the source IP as a garylisting marker than have people unable
to send email out because it's blocked.

Ted.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFDBqJ2HTFM6KkFI5oRAmrWAKCU1SjpC6NX71g2+vIJNMXGrQXXEQCdG+O6
Lk93Cvh747ILjnzDDAJg47w=
=BvmB
-----END PGP SIGNATURE-----


More information about the list mailing list