That hetzner.de (or whatever host owns the equipment) is leasing hardware+connectivity in one bundle, and possibly the OS, leaving their customer is fully in control of the machine and the host has no day to day administrative duties or responsibilities.
On Tue, Jul 18, 2017, at 16:52, Tim Starr wrote: > Then what does "unmanaged" mean in this context? > > -Tim > > On Tue, Jul 18, 2017 at 1:28 AM, Dave Warren <da...@hireahit.com> wrote:>> __ >> As far as #2, because users of said servers often want to send email.>> >> >> On Mon, Jul 17, 2017, at 12:05, Tim Starr wrote: >>> An overall admirable response, keep up the good work. Just 2 questions:>>> >>> 1) Why not put TLDR at top? >>> 2) Why allow email to be sent at all from "unmanaged servers"? >>> >>> -Tim >>> >>> On Mon, Jul 17, 2017 at 7:44 AM, Hetzner Blacklist <blackl...@hetzner.de> >>> wrote:>>>> I just got back from a 2 week holiday and have been reading this >>> thread>>>> with a lot of interest. I thought I would respond and try to >>> explain the>>>> situation from our perspective. I could write an entire >>> essay on this,>>>> but I have tried to be as concise as possible, though it >>> is still a wall>>>> of text. >>>> >>>> Am 11.07.2017 um 13:00 schrieb Felix Schwarz: >>>> > If I'm not mistaken also Hetzner's mail admins are reading this list>>>> >>>> > so maybe >>>> > they can convice their management to do something about the bad >>>> reputation. >>>> >>>> Management was convinced over a year ago. Our internal abuse >>>> processing>>>> and handling was reviewed, and made stricter. I will admit >>>> that we used>>>> to be too lenient in that regard, but that is no longer >>>> the case (at>>>> least not intentionally). >>>> >>>> The results have been very encouraging. The leading blacklist and >>>> reputation providers that have easy network/ASN lookups show a >>>> decrease>>>> of at least 60% in “bad” IPs within our network within the >>>> last year.>>>> This applies to Spamhaus, SpamCop, SORBS, UCEPROTECT, >>>> Senderbase (now>>>> Talos Intelligence) and the Microsoft SNDS. The amount >>>> of abuse >>>> complaints we get has also decreased substantially. All of this, even>>>> >>>> though we are continually growing. >>>> >>>> I’ve been in contact with a number of people this past year and many >>>> of>>>> them have acknowledged that our network no longer deserves a bad >>>> reputation. However, I can fully understand that not everybody will>>>> >>>> agree, and I believe there are 3 main reasons for that. >>>> >>>> 1) Historical. I wil be the first to admit that in the past we were >>>> too>>>> lenient with spam-handling, and there was more spam leaving our >>>> network>>>> than there should have been. This can mean that if somebody >>>> gets spam>>>> from our network today, they think "great, Hetzner hosting >>>> another>>>> spammer", even though the message was due to a compromised >>>> account (see>>>> point 2), and the overall amount of spam is much lower >>>> than it was>>>> historically. >>>> >>>> 2) Constant spam. Due to the nature of our business (IAAS provider), >>>> the>>>> fact is that there will always be a certain level of spam leaving >>>> our>>>> network. Brandon actually mentioned exactly this. >>>> >>>> Am 10.07.2017 um 21:37 schrieb Brandon Long: >>>> > They may not even be renting directly to spammers, but their users >>>> > are>>>> > getting compromised and sending spam and other crap from their >>>> servers. We >>>> > see clickbot and other fraud farming from those IP ranges as well.>>>> > >>>> > It is an unfortunate situation, and challenging, no doubt. >>>> >>>> We have over a million IP addresses, and the vast majority of those >>>> are>>>> allocated to unmanaged servers. Short of blocking all email >>>> communication from our network, there are always going to be customers>>>> >>>> sending emails, and thus there will always be some who send spam. Our>>>> >>>> job is to minimize that as much as possible. Anybody who has worked an>>>> >>>> abuse desk will know how hard that is, especially at an IAAS provider>>>> >>>> like ourselves. >>>> >>>> We don’t intentionally harbor any spammers, and any that manage to get>>>> >>>> through our checks (we block dozens of new orders a day) and start>>>> >>>> sending spam, are soon terminated. We have a few email marketers, but>>>> >>>> the vast majority of the spam leaving our network is from compromised>>>> >>>> accounts, for which we can do very little. >>>> >>>> 3) Perspective. As with so many things in life, what you think of >>>> something depends greatly on your point of view, and the assumptions >>>> and>>>> expections you (sometimes subconsciously) bring along. If >>>> somebody>>>> assumes that there should be zero spam leaving our network, >>>> they will>>>> always be disappointed. >>>> >>>> I believe a perfect example of these different perspectives is found>>>> >>>> within this thread. >>>> >>>> Am 11.07.2017 um 09:11 schrieb John Levine: >>>> > Hetzner gushes spam, and I've had most of their >>>> > IP ranges totally blocked for years. >>>> >>>> Am 13.07.2017 um 20:15 schrieb John Levine: >>>> > Look for yourself: >>>> > >>>> > http://www.taugh.com/sp.php?c=&i=78.47.0.0&j=78.47.255.255&k=puavppaxru>>>> >>>> > >>>> First of all, thank you for that link John, I appreciate you sharing>>>> >>>> that information. It’s always good to have additional information >>>> about>>>> our network, and I will be checking that link regularly. >>>> >>>> I have no idea what assumptions John has, but the comment about >>>> “gushing” spam made me believe that the evidence would show a list of>>>> >>>> hundreds, if not thousands of IPs, sending spam every few days over >>>> the>>>> course of many months/years. >>>> >>>> What I see instead is almost exactly the opposite. This year (2017),>>>> >>>> there have been a total of 89 spam messages, from a mere 44 IPs (which>>>> >>>> currently belong to 44 separate customers of ours). These 44 IPs >>>> represent 0.00067% of the IPs in the /16 range (65,536 IPs total). >>>> None>>>> of the IPs sent spam regularly, and all of them stopped within a >>>> few>>>> days. 99.99933% of IPs did not send spam. >>>> >>>> To me, this is a clear sign that we are doing a good job. Yes, there >>>> is>>>> a “trickle” of spam, and I would dearly love to completely cut that >>>> out,>>>> but as mentioned above, that is unrealistic. We are trying to >>>> minimize>>>> the amount of spam, and I believe this shows we are doing >>>> exactly that.>>>> >>>> Now, I’m biased, and I’m obviously going to defend the company I work>>>> >>>> for, but I truly believe we are on the right path. There is still a >>>> lot>>>> that can be done, and is in the process of being done, but the >>>> results>>>> from the past year show that we are serious about this. This >>>> is a >>>> never-ending process and we are far from perfect, but we are working >>>> on>>>> it. Anybody can check our network (and compare it to those of our >>>> competitors) and come to their own conclusions. >>>> >>>> If anybody has complaints or information about our network we have a>>>> >>>> functioning abuse department with real humans. If something isn’t >>>> being>>>> handled satisfactorily, you can request it to be escalated, or >>>> you can>>>> contact me directly. >>>> >>>> TL;DR We care about spam and believe that the evidence shows that.>>>> >>>> Kind regards >>>> Bastiaan van den Berg >>>> -------------- >>>> Hetzner Online >>>> >>>> _______________________________________________ >>>> mailop mailing list >>>> mailop@mailop.org >>>> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop >>> _________________________________________________ >>> mailop mailing list >>> mailop@mailop.org >>> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop >> >> >> _______________________________________________ >> mailop mailing list >> mailop@mailop.org >> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop >> > _________________________________________________ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
