Regarding spamrl.com / spamexperts, their customer tools don't work. The only solution is to drop them. On and off, months were wasted with those clowns.
I'm assuming the customer never sees the dictionary search attempts, so the problem is their crappy software. Now I have caught snow shoe type dictionary searches coming from Digital Ocean IP space. The hackers buy three to as many as eight "droplets". I report them and DO does shut them down. It is possible spamrl.com just seems the entire DO IP space toxic, but then again they should provide a functional whitelist procedure. This VPS race to the bottom is a problem. With OVH under $5, it looks like there is no floor, and you can't police your customers with pocket change revenue. Original Message From: Bill Cole Sent: Wednesday, May 3, 2017 8:26 AM To: Postfix users Reply To: Postfix users Subject: Re: Trace spam activity on mail server On 2 May 2017, at 10:56, li...@lazygranch.com wrote: > Would a spammy email server only trigger one RBL? Sure. > While mxtoolbox looks complete, there are more RBLs than on their > list. I never knew Trend Micro had a RBL. Funny story: technically Trend Micro has the ONLY "RBL" because that's a registered trademark. They bought that trademark along with all of the other intellectual property and ongoing operations of Mail Abuse Prevention Systems, L.L.C. ~15 years ago. MAPS was a not-for-profit founded by Paul Vixie, who invented the DNSBL mechanism and ran the first DNSBL: the Realtime Blackhole List, a.k.a. RBL. As far as I can tell, the active defense of that trademark has been almost invisible for over a decade, so while DNSBL is the formally correct generic term, RBL may not even be legally defensible as a trademark any more but one of the Trend Micro DNSBL's is actually named RBL. > Spamrl.com is one I can't stay off of. They do honor their one week > reprieve. Like I said, I managed to get them removed from servers that > I communicate with. There are over a hundred RBLs. If one is a problem > child, dump it. > > Pulled right from their website. > "Unfortunately, we cannot disclose any details about WHY your IP has a > bad reputation." > > This thread is about spamrl.com, and no, I'm not a participant in the > thread. > http://www.webhostingtalk.com/showthread.php?t=1598238 > > Supposedly spamrl.com uses honeypots, which makes me wonder if a > prankster can spoof headers and spam the honeypots just to drum up > customers for commercial white lists. The spamrl.com operation is just an alternative face for spamexperts.com and one of their inputs is feedback from customers, who can report errors in their filtering to spamrl.com addresses for mitigation.
