I just got back from a 2 week holiday and have been reading this thread with a lot of interest. I thought I would respond and try to explain the situation from our perspective. I could write an entire essay on this, but I have tried to be as concise as possible, though it is still a wall of text.
Am 11.07.2017 um 13:00 schrieb Felix Schwarz: > If I'm not mistaken also Hetzner's mail admins are reading this list so maybe > they can convice their management to do something about the bad reputation. Management was convinced over a year ago. Our internal abuse processing and handling was reviewed, and made stricter. I will admit that we used to be too lenient in that regard, but that is no longer the case (at least not intentionally). The results have been very encouraging. The leading blacklist and reputation providers that have easy network/ASN lookups show a decrease of at least 60% in “bad” IPs within our network within the last year. This applies to Spamhaus, SpamCop, SORBS, UCEPROTECT, Senderbase (now Talos Intelligence) and the Microsoft SNDS. The amount of abuse complaints we get has also decreased substantially. All of this, even though we are continually growing. I’ve been in contact with a number of people this past year and many of them have acknowledged that our network no longer deserves a bad reputation. However, I can fully understand that not everybody will agree, and I believe there are 3 main reasons for that. 1) Historical. I wil be the first to admit that in the past we were too lenient with spam-handling, and there was more spam leaving our network than there should have been. This can mean that if somebody gets spam from our network today, they think "great, Hetzner hosting another spammer", even though the message was due to a compromised account (see point 2), and the overall amount of spam is much lower than it was historically. 2) Constant spam. Due to the nature of our business (IAAS provider), the fact is that there will always be a certain level of spam leaving our network. Brandon actually mentioned exactly this. Am 10.07.2017 um 21:37 schrieb Brandon Long: > They may not even be renting directly to spammers, but their users are > getting compromised and sending spam and other crap from their servers. We > see clickbot and other fraud farming from those IP ranges as well. > > It is an unfortunate situation, and challenging, no doubt. We have over a million IP addresses, and the vast majority of those are allocated to unmanaged servers. Short of blocking all email communication from our network, there are always going to be customers sending emails, and thus there will always be some who send spam. Our job is to minimize that as much as possible. Anybody who has worked an abuse desk will know how hard that is, especially at an IAAS provider like ourselves. We don’t intentionally harbor any spammers, and any that manage to get through our checks (we block dozens of new orders a day) and start sending spam, are soon terminated. We have a few email marketers, but the vast majority of the spam leaving our network is from compromised accounts, for which we can do very little. 3) Perspective. As with so many things in life, what you think of something depends greatly on your point of view, and the assumptions and expections you (sometimes subconsciously) bring along. If somebody assumes that there should be zero spam leaving our network, they will always be disappointed. I believe a perfect example of these different perspectives is found within this thread. Am 11.07.2017 um 09:11 schrieb John Levine: > Hetzner gushes spam, and I've had most of their > IP ranges totally blocked for years. Am 13.07.2017 um 20:15 schrieb John Levine: > Look for yourself: > > http://www.taugh.com/sp.php?c=&i=78.47.0.0&j=78.47.255.255&k=puavppaxru First of all, thank you for that link John, I appreciate you sharing that information. It’s always good to have additional information about our network, and I will be checking that link regularly. I have no idea what assumptions John has, but the comment about “gushing” spam made me believe that the evidence would show a list of hundreds, if not thousands of IPs, sending spam every few days over the course of many months/years. What I see instead is almost exactly the opposite. This year (2017), there have been a total of 89 spam messages, from a mere 44 IPs (which currently belong to 44 separate customers of ours). These 44 IPs represent 0.00067% of the IPs in the /16 range (65,536 IPs total). None of the IPs sent spam regularly, and all of them stopped within a few days. 99.99933% of IPs did not send spam. To me, this is a clear sign that we are doing a good job. Yes, there is a “trickle” of spam, and I would dearly love to completely cut that out, but as mentioned above, that is unrealistic. We are trying to minimize the amount of spam, and I believe this shows we are doing exactly that. Now, I’m biased, and I’m obviously going to defend the company I work for, but I truly believe we are on the right path. There is still a lot that can be done, and is in the process of being done, but the results from the past year show that we are serious about this. This is a never-ending process and we are far from perfect, but we are working on it. Anybody can check our network (and compare it to those of our competitors) and come to their own conclusions. If anybody has complaints or information about our network we have a functioning abuse department with real humans. If something isn’t being handled satisfactorily, you can request it to be escalated, or you can contact me directly. TL;DR We care about spam and believe that the evidence shows that. Kind regards Bastiaan van den Berg -------------- Hetzner Online _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
