Jonathan Tripathy put forth on 8/7/2010 8:09 AM: > Of course, VPS ISPs should always do checks to make sure > that a person signing up is who they say they are -
Herein lies the problem. The low cost business model of cloud/VPS precludes providers from doing any kind of meaningful customer vetting, or proper egress filtering for that matter to identify spammers on their network. If they did so, they would have to raise their prices, which they aren't going to do because their competitors aren't doing it either. This is no secret. It's been discussed on spam fighting lists for some time now. > A simple credit card > name and address would suffice I guess. No, it doesn't. Spammers all use stolen credit cards when they sign up for cloud/VPS. They spam from the accounts for a month or 3 until the card owner or issuer fraud detection system becomes wise. Then they do the same thing at another cloud/VPS provider with a different stolen credit card. Rinse, repeat. This has also been discussed for some time on spam fighting lists. Maybe it would benefit you to sign up to spam-l or nanae to keep abreast of the tactics spammers are using these days. If you had already been, you'd understand why cloud/VPS providers are generally considered dirty mail sources, requiring a receiver SOP of blacklisting all cloud/VPS, whitelist IPs when necessary. -- Stan
