Hi,

Note: This is not precisely on-topic for SATalk though it hints that
SPEWS is not the worst you may have to deal with.

On Sun, 17 Aug 2003 18:49:06 -0700 Abigail Marshall
<[EMAIL PROTECTED]> wrote:
 
> YD> There are only 2
> YD> places in the whole world that get denied at the MTA here and SBC is the
> YD> only one of them that got there by spam. My feelings for them cannot be
> YD> expressed without spilling blood. I'm going to shut up now before I
> YD> start sounding like a raging nanae-ite :)

Or the froth contingent on SPAM-L. More and more often, I wouldn't trust
the more voluminous posters with a postage meter, let alone a mail
server, certainly not a mail server I'd want handling my mail. I've got
this weird notion that mail servers should *deliver* mail, you see...

> If you look at my headers you will see that I am an SBC
> subscriber. Wasn't always that way, SBC came along and
> swallowed up the dialup I used to use, which had in turn
> swallowed up my previous dialup. The DSL company I used,
> which had swallowed up the one I initially signed up with,
> shut down leaving all its customers stranded, and there I
> was, left with the choice of SBC and Earthlink (leasing SBC
> lines).

I had a static block on jump.net until it was borged by ALGX, ALGX broke
the mail system repeatedly, then decided they didn't want to sell DSL
anymore but (oddly) wouldn't release my line until it went dead, meaning
I couldn't get SBC to hook me up before then. A real shame since
jump.net was the best, most technically savvy ISP in town.

I would have used any other local DSL provider that would sell me a
static /29 with SWIP and rDNS for a reasonable price. For better or
worse, SBC was the only competitive provider, the only one that would
sell me what I wanted, regardless of price. I've got no desire to line a
telco or cable operator's pockets but when push comes to shove, I buy
what I need from who will provide it. And I'm lucky; I'm in a fairly
wired market unlike some poor bastards I know where (e.g.) Ameritech is
the only broadband provider and you have zero flexibility in price or
service.

Last Wednesday, I had a problem with RoadRunner dropping all mail from
SBC "residential" DSL networks, ostensibly out of shielding their
systems from abuse. They've now started pulling the same stunt with
Charter.

NB: My domain handles a very small amount of outgoing mail which, for
reasons of efficiency, privacy, and reliability, is not routed through
SBC's mail system. Given my previous experiences with ALGX, I prefer to
handle my own mail, rather than having it down for two days with no ETA
or having it routed from Austin, TX to Boston, MA, back to a recipient
in Austin. And, for reasons that will be explained later, I don't trust
my ISP (or any large ISP for that matter) to make sensible spam blocking
choices.

Initially I believed the rumor that the problem was that SBC
were a pack of boneheads, mixing static and dynamic allocations within
the same netblock (say, the same /24.)

If that were truly the case, I'd almost buy RR's arguments. Almost,
knowing that you *will* drop legitimate person-to-person mail because
the whole point of buying a /29 is to run servers including (gasp) mail
servers.

Now, my servers reject mail from systems listed on:

relays.ordb.org                 # open relays - bad!
proxies.relays.monkeys.com      # open proxies - worse!
opm.blitzed.org                 #  "    "         "
sbl.spamhaus.org                # bad actors and the providers that love them
zombie.dnsbl.sorbs.net          # unallocated or stolen networks
dynablock.easynet.nl            # confirmed dynamic allocations

as well as systems with broken EHLO/HELO or no rDNS. The policy in a
nutshell is this: I don't accept mail from sites with security problems
or serious misconfigurations (open relays and proxies, broken HELO or
missing rDNS), from confirmed bad actors, from improperly-allocated
netspace, or from *confirmed* dynamic allocations. (On-topic: I used
SPEWS briefly until it was apparent that it had too high of a FP rate to
use as a single test of validity; I still use it within SA.)

So I was almost willing to buy RR's argument for blocking SBC
"residential" DSL space; it would be somewhat inconsistent of me to carp
about their policy when I myself drop mail from confirmed dynamic
allocations (caveat: my domain handles little mail, has few users, I
personally watch the logs, and tolerate almost no FPs.)

Then I took a look at the SWIPs for my /24 and found that all (or all
but two /29s I can't confirm - 66.143.181.16/29 and 66.143.181.24/29)
are static allocations. Five American dollars or two good English pints
says that 66.143.181.0/24 is all statically allocated with network
owners identified by SWIP. As far as I can tell, the only reason these
networks are being blocked by RR is because of rDNS. 66.143.181.0/24 is
clean on 29 of 30 DNSBLs listed by openrbl.org, the sole exception being
the XBL (http://xbl.selwerd.cx/) which lists most of the internet and
which the owners don't even use for blocking. 

I would expect to see some indication that my network space (for
convenience, 66.143.181.0/24) is dirty or even dynamic for RR to drop
traffic from it. Even a search of the abuse newsgroups doesn't turn up an
entry until you start looking at 66.143.0.0/16 and of course you're
going to find abuse in a /16 of any commercial ISP.

I've concluded that this is as much a spite listing as anything SPEWS is
capable of. And note that nothing short of an rDNS change will change my
network's legitimacy in the eyes of RR (they once would whitelist you if
your network was SWIPped - no longer), not contact information or other
evidence of accountability, not polite requests from the blocked
network, and not complaints from their own customers about lost
legitimate mail. At least with SPEWS I can tell why my network is
blacklisted, who the responsible parties are, and why my network has
eventually been caught up in collateral damage.

Temporarily, I've redirected my RR-bound mail through SBC's mail
service, until RR customers tire of being on their enforced intranet, RR
lifts their draconian policy, or I can get SBC to fix my rDNS to RR's
(and *only* RR's) satisfaction. I'm not holding my breath. I expect this
will only be fixed once RR is publicly embarrassed back to sanity.

This more than anything is why I run my own mail servers - to avoid just
this sort of erratic behavior from my ISP.

...
> Which is why Spews is such a joke.  SBC really doesn't have
> to worry about losing customers when there is no place for
> them to go, so boycotting isn't going to get anywhere other
> than to inconvenience the thousands of innocent customers
> whose email is blocked because they happen to live on the
> same planet as the spammers.

Perhaps someone should let RR in on the joke.

-- Bob
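
The acceptance policy described in the message above (DNSBL lookups plus HELO and rDNS checks), as an added example that is not part of the original post. The zone names are the ones listed in the message, several of which have since shut down; the resolver data, the addresses and the reading of "broken HELO" as "neither an FQDN nor an address literal" are assumptions made for illustration.

```python
import ipaddress
import re

# Zones and descriptions as listed in the post.
ZONES = {
    "relays.ordb.org": "open relay",
    "proxies.relays.monkeys.com": "open proxy",
    "opm.blitzed.org": "open proxy",
    "sbl.spamhaus.org": "bad actor",
    "zombie.dnsbl.sorbs.net": "unallocated or stolen network",
    "dynablock.easynet.nl": "confirmed dynamic allocation",
}
# Assumption: "broken HELO" means neither an FQDN nor an address literal.
LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
FQDN = re.compile(rf"^(?:{LABEL}\.)+{LABEL}$")

def dnsbl_name(ip, zone):
    # DNSBL query name: IPv4 octets reversed, then the zone.
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def helo_ok(helo):
    if helo.startswith("[") and helo.endswith("]"):
        try:
            ipaddress.IPv4Address(helo[1:-1])
            return True
        except ValueError:
            return False
    return bool(FQDN.match(helo))

def evaluate(ip, helo, resolve_a, resolve_ptr):
    """Return (accept, reasons); the resolvers are injected so this runs offline."""
    reasons = []
    if not helo_ok(helo):
        reasons.append("broken HELO/EHLO")
    if not resolve_ptr(ip):
        reasons.append("no rDNS")
    for zone, why in ZONES.items():
        answers = resolve_a(dnsbl_name(ip, zone))
        # A listing is an A record in 127.0.0.0/8; other answers are ignored.
        if any(a.startswith("127.") for a in answers):
            reasons.append(f"listed on {zone} ({why})")
    return (not reasons, reasons)

# Constructed resolver data on documentation addresses, not real listings.
FAKE_A = {"10.2.0.192.dynablock.easynet.nl": ["127.0.0.2"],
          "7.100.51.198.relays.ordb.org": ["203.0.113.9"]}
FAKE_PTR = {"198.51.100.7": "mail.example.net"}
def lookup_a(name): return FAKE_A.get(name, [])
```

Each rejection carries its reason, so a blocked sender can be told which test failed and on which list.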


_______________________________________________
Spamassassin-talk mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/spamassassin-talk