[Dshield] Users don't pay attention

Abuse abuse at what4now.com
Sat Aug 20 23:27:55 GMT 2005


** Reply to message from Ted Cooper <sansX0405 at elcsplace.com> on Sat, 20 Aug
2005 13:24:43 +1000

> Abuse wrote:
> > I think blocking port 25 is a very good strategy as this blocks most of the
> > compromised computers (which is the main source of spam).  If you want to run
> > your own email server then set it up to relay all of your out bound email
> > through your ISPs email server.  You can still receive email directly into your
> > email server without any problems.
> > 
> > Please explain to me why this does not work?
> 
> It doesn't work where the ISP doesn't maintain or look after their mail
> servers and as a result, sending mail through their servers takes anywhere
> from a few hours, to a few days.

An incompetent ISP is always going to be a problem.


> Here in Australia, this is the pretty much the story for a certain large
> un-named ISP. Sending mail through their mail servers is no garantee of the
> mail ever being delivered as their servers get blacklisted and bogged down
> with spam.

The thing that helps the most is when users get fed up with bad service and
move elsewhere.


> The solution for customers on this network is to set up a fully featured Exim
> mail server and use that.

That is one solution that works somewhat.  Some ISPs block what is considered
dial up lines (DUL) which include not only the dial up lines but DSL lines
also.  Just this morning I was discussing a way around the DUL blocking from a
club email server since it is hosted on a DSL line.  The way to do that is to
have the club email server send all of its outgoing email through the ISPs
server.


> If this isn't bad enough - their solution to multiple zombies overloading
> their client DNS servers was to add hundreds of extra DNS servers. Needless to
> say, this plan failed and they actually had to start disconnecting zombie users.

S..t happens when you are incompetent.


> Yes, the best solution would be to not use them, but they are the giant telco
> and the mammas and papas (and their small businesses) can't see past them.

That may be so but if they have enough problems they will probably look around
and find an ISP that can give them good service.


> I'd rather use the source IP as a garylisting marker than have people unable
> to send email out because it's blocked.

I never allow my ISP to block any of my email.  I will download all my email
and use my own filters to move the spam into another folder where I can check
to see if anything I really want went there by mistake.


More information about the list mailing list