Slashdot Mirror

← Back to Stories (view on slashdot.org)

ISPs That Actively Combat SPAM?

Posted by Cliff on from the I-miss-my-inbox dept.

The Llama King asks: "Like a good netizen, I do my part to report spam. But most Internet providers merely respond with a canned e-mail and it's hard to tell whether action was taken - or when. I know a lot of abuse desks are overwhelmed and spammers can get a free ride if they pick their targets carefully. Occasionally I'll get a personalized response, and even notification that a spammer's access and/or Web site has been nuked - but that's rare, and seems to be getting rarer. What ISPs are best at responding to spam complaints in a timely fashion, both in terms of killing e-mail accounts and shutting down sites that have been spamvertised?"

8 of 45 comments (clear)

  1. two of the biggest hosters/isps in germany do by collin.m · · Score: 4, Informative

    Schlund+Partner AG and 1&1 Internet AG, they have build a nice testing system and operate a hugh blacklist (sadly non public) here is the link

  2. Admins seem to be lazy (slightly OT) by Deagol · · Score: 3, Informative
    I recently installed postfix for our domains and started rejecting IPs without a hostname (reject_unknown_client). Spam getting through dropped to a trickle, the reject-to-accept ratio being about 3:1, or about 1000 rejects a day. Unfortunately, there are many mis-configured sites out there, so some legit email was being denied.

    One would think that the remote sender would complain to their mail admin first and they would get it fixed (distributed debugging, if you will). But no, they bitched to the person on my end (even though postfix's default boune messages are pretty self-evident) and then I'd end up adding an exception.

    Initially, I would email {post,host}master@ the offending domain. While some were thankful for the notice, most either ignored me or flat out refused to add a rDNS entry for the mail server. Granted, it's not required by RFC, but in my opinion legit hosts should have DNS entries.

    (And no, I can't just ignore the problem. When the person who writes your paycheck looses email, you're fighting a loosing battle.)

    Actually, I gave up using reject_unknown_client today, except for large domains which are configured correctly (MSN, Hotmail, Microsoft, etc.) and a handful of Asian netblocks.

    So back to the OP... I wouldn't hold out for admins to take care of the spam for you, especially if they're with a company you don't actually work for.

    --
    Method of processing duck feet
    1. Re:Admins seem to be lazy (slightly OT) by Deagol · · Score: 2, Informative
      My opinion is not right or wrong -- it's an opinion, and one that seems to be held by quite a few admins. FTP and IRC servers often reject IPs without rDNS records, for example. IRC servers usually deny a site without identd running, too. This annoys the hell out of me, but I suck it up and consider it my burden to bear, not the remote admin's.

      I'd wager that if most mail admins knew they could reduce their spam load by 90% by this single config change (assuming there are other MTAs as versatile as postfix), they would do it in a heartbeat.

      Your inability to get RDNS entries for your machine is, to be blunt, your problem and not mine. Part of a full-service internet connection includes (or should, if you're paying for it) both halves of DNS service.

      --
      Method of processing duck feet
  3. My own observations by dacarr · · Score: 3, Informative
    At one time, all of the now big ones - Compu$serve, Earthlink, Netcom - were very active in doing this. Mindspring was also, and I think I have a couple "we killed 'em" messages sitting around. Not anymore though - you're right, it's only canned replies as far as the eye can see.

    These days if I get a response it's from Hotmail. Small ISP's also have the time for this, but small ISP's are small ISP's and tend to not require the manpower of the likes of Speakeasy, Earthlink, etc. for their basic operations - so accordingly when the occasional spammer buys usage on a small ISP, and they disuser him, they can respond to the complaints en masse and say "we got 'im, sorry 'bout that".

    I think the biggest reason for this is owing to the fact that dealing with spam is unto itself a laborious task. I suppose you can set up a filter for the local abuse address to bounce around email pertaining to a specific case, but first you have to identify the case - a filter won't drop in place by itself. Then, when the problem is pinpointed to the user, you have to (in no particular order) eliminate the account (easy enough), kill the user's dialup session if necessary (why get the DSL or the T1 if you know it's going to be killed the second you start spamming?), and block his port 25 access so he can't send mail. Maybe send a little courtesy message saying "All your base are belong to us" to the spammer as you nuke his account, or set his account to download mail precisely once, and he promptly loses his connection after that. After all that's done, then you have to draft up a reply or send a canned message to the complainers.

    In short, you can't win, and it sucks royally.

    --
    This sig no verb.
  4. we try our best by askewview · · Score: 2, Informative

    Where I work I do my best to handle every spam complaint properly but due to volume of abuse email at times it can be kind of hard. Most complaints i get end up being miss configured servers. Personally I just run all my spam througha filter that a friend of mine wrote that works great.

  5. My experiences with rackspace by yamla · · Score: 2, Informative

    I noticed about a week ago that more than 90% of my incoming spam was originating with rackspace.com customers. That was more than enough to grab my interest. I complained using spamcop.net, as always, but that didn't do anything. So I personally emailed the appropriate people at rackspace.com. They ignored this. Eventually, I found a 'live chat' function on rackspace's web site and used that to talk to someone. They claimed they'd 'look into it' but my deluge of spam continued. I complained over the next several days and eventually, just blocked all IPs controlled by rackspace.com. I understand it was only a couple of their customers but seeing as they were providing access to known spammers and they simply couldn't be bothered to help me out even a little bit, I didn't feel bad banning all their IP addresses.

    --

    Oceania has always been at war with Eastasia.
  6. earthlink.net adn attglobal.net by josepha48 · · Score: 2, Informative

    both allow you to turn on their spam elimitaion software. I use it it does help, but its not enough IMHO. I like yahoo's block user setup.

    --

    Only 'flamers' flame!

  7. Re:Well... by Anonymous Coward · · Score: 2, Informative
    First, it's death to end up on a blacklist.

    It is only death if you believe the people why run and promote these blacklists. There are some options that the anti-spammers in the newsgroup won't give you. You can send mail thru a smarthost on a non-listed server. You can tell the intended recipient that thier legit email has been blocked by their ISPs filters. You can get a non-listed block from your ISP (A /30 will do) and run your server on that. It is best to deal with the admins that are using the dnsbls than trying to deal with the lists. Working with any of the lists or their supporters is impossible.