>
> Mark Evans <[EMAIL PROTECTED]> writes on 12 November 1999 at 16:22:40 +0000
>
> > Someone at mail-abuse.org came up with the idea of creating a list to enable
> > ISP's to "blacklist" their pools of dialups.
>
> Um, no. ISPs aren't expected to report this themselves. And the idea
I've re-read the web pages and it certainly looks as though the people
running the list do want ISP's to directly give them the IP blocks.
As well as the whole thing being very Windows centric and in places mixing
up opinion with fact.
> came about because they noticed more and more spam coming from dial-up
> IPs.
Anyway it would probably make more sense to be holding such lists of
*Dynamic* IP pools, regardless of the physical level of the connection.
> And at least on my system, it blocks far more spam than anything else
> I use, AND blocks far fewer legitemate connections than RBL or ORBS
> have. (Wow; just looked at the most recent stats, and for this
> period I'm wrong; RSS blocked 75, DUL blocked 53, and RBL blocked 8.
> I check them in that order.)
Probably becuase it isn't going to take spammers that long to realise
that sending spam directly is most expensive for them. Since they are
then forced to send the body of the message just about every time.
(That's most expensive in terms of their time, bandwidth and chances
of being caught "in the act".) As well as meaning that algorithms to
deter such things as the sending of multiple RCPT commands hit the abuser
directly. If they are silly enough to ignore MX records and only look at
A records then they should also except automated finger and port scans,
as outlined in the tcp wrappers manual.)
What spammers are always going to prefer is a relay, especially one
which will accept a huge number of RCPT commands.
--
Mark Evans
St. Peter's CofE High School
Phone: +44 1392 204764 X109
Fax: +44 1392 204763
