Re: reply from sorbs

[JamesDR]

DSL, Cable, T1, Fiber, etc. your high speed connection type shouldn't be blacklisted, your service level should, ie dynamic residential line. A business class customer paying for static ip(s) on a (a/s)dsl line should not have their ip's blacklisted. I've seen as much spam come from lines where a spammer buys 254 ip's and starts spamming, then changes ip's a month later. The RDNS of the ip matches the helo etc. It isn't the blacklister's fault in most cases to have a user's isp too lazy to properly operate their policies. If you are a business customer, your isp has blacklisted you, it's your responsibility to either find a new isp (where there ins't a monopoly on the line in case of DSL and Cable) or make sure in writing before you sign anything that your ip(s) will never be listed by the ISP as res/dynamic/dialup ip. If they do they may be in breach of contract (and you would need a lawyer for resolution.) If I'm a business customer, pay for static ip, I'd expect to not have my ip listed by default as a res/dynamic/dialup ip.
Also, if AOL/Yahoo/MSN were to require you as an admin to pay $100k per year in order to be allowed to send mail to them (via from your ip), would you be willing to do this? This would in effect stop 100% spam...

My 2c

Thanks,
JamesDR

Bob Amen wrote:

   I realize this is way off topic, but it is important to spam fighting.

jdow wrote:

On Sun, Nov 28, 2004 at 10:11:12AM -0000, [EMAIL PROTECTED] wrote:

Hi,

if I did not miss anything in this thread, the victim HAS a static IP on

the cable/dsl link and

pays more for the access than dynamic ip would cost with the same

provider.

The provider, however, reports a full ip block (which may have a few

percent of

static ip's) as dialup.
I believe the extra money they get on the fixed ip should allow them to
- either report correctly or
- create a mail relay where authenticated users can use their own domain

name as sender

Yes, they should have a separate block of IP addresses for those that pay the added cost. And those don't get reported to the SORBS DUL list. Maybe other lists if they actually do spam but not DUL.

So because he is on an address block listed as dialup he gets no chance
to issue an SPF for his site. Ah well.

He could but unfortunately SPF doesn't solve the problem. The very same zombie machines that are spewing spam are also DNS servers offering SPF records for the domain they claim to send from. And those domains are either registered with false or forged information or registered anonymously, thanks to the policies of some registrars, aided and abetted by ICANN. Spammers are adopting SPF faster than the rest of the Internet.

It's a difficult situation we're in and there is no silver bullet. We need every resource we can use, including good block lists, SPF as a rule in SpamAssassin and more. It's very depressing and getting worse, according to my mail servers' statistics. We need everyone with a clue to help by sending mail in ways that support the resources we use instead of whining that they can't do something the way they want. Don't blame me and the other mail server admins if you can't get mail to our systems because you are sending from a machine on a DSL modem. Blame the spammers and those that buy from them!

smime.p7s
Description: S/MIME Cryptographic Signature