Slashdot Mirror

← Back to Stories (view on slashdot.org)

Swedish ISP Blocks Computers That Send Spam

Posted by timothy on from the overkill-or-overdue dept.

snuppepuppan writes "One of Sweden's largest ISPs, Telia starts to block computers that send spam. 'The computers that Telia will block are primarily those that have been infected with "trojans" which are being used, without the customer's knowledge, to send enormous amounts of spam.'"

10 of 265 comments (clear)

  1. a great idea by batray · · Score: 5, Interesting

    If more ISPs took spam complaints seriously and acted on them quickly the net would be a better place. However it is has been my experience that abuse desks are mostly staffed by the clueless.
    For me the dominant source of spam that I get now comes from infected computers, since DNSBLs have rendered fixed spaming IPs impotent.

    1. Re:a great idea by gizmonic · · Score: 5, Informative

      My guess is that part of the problem is that most abuse desks are flooded with inane crap. At least ours is. I can't tell you how many emails we get from people who forward a spam to us, and do not include full headers. I mean, they had to find the IP and track down who owned it to get the spam report to us, so how can they then forward us the spam and not include headers? Amazingly, that accounts for well over half the abuse mail we get. Then there are the people who send a message saying "Stop sending me spam" and include an IP address, followed by a copy of our ARIN netblocks, as if we didn't know who we were, and that's it. No spam, no timestamp. Nothing. Then there are the myriad of people who simply write our abuse desk with nothing more than "Please remove me from your mailing list." And it goes on and on and on like that. Of course, now that all the nice new viruses are out there, we also get a ton of "One of your users attacked me on port 135" emails. (We have port 135 blocked on our routers to keep from our users from infecting the net, but on the same NAS, they can still get to each other.) The best ones are from people who send us email claiming they are being attacked by one of our DNS servers because their firewalls are capturing logs of the DNS requests.

      That's why, as I've said before, we love SpamCop. When we see a SpamCop report, we know we will have everything we need to knock someone off the network. Very seldomly have we gotten a SpamCop report on something that was not spam. As for the rest of the abuse mail? Maybe 1% or 2% have enough information to track the user, and are actual abuse issues. And usually, they were already banned from a SpamCop report.

      Anyway, I've rambled on enough. But for those who don't work abuse for a large ISP, now you have a small glimpse of what the abuse mail looks like.

      --
      WWJD?
      JWRTFM!
  2. In a related story... by bobdotorg · · Score: 5, Funny

    In a related story, Microsoft sues Telia, commenting, "C'mon, it would only be a matter of time before all Outlook and IE users get banned from the net."

    --
    __ Someday, but not this morning, I'll finally learn to use the preview button.
  3. Why is this news? by eddy · · Score: 5, Interesting

    Telia is mostly known for their suckage over here. They've made several false starts, including blocking SMTP completely at their border making it impossible to host ones own mail server.

    I guess if they've finally given up on that idoicy and actually go after the specific hosts that are a problem -- like we in the community has said for years is the correct solution -- then I'm all for it.

    Just sad that it's making news the way it is. I think the news should be that they wasted at least two years reaching this "insight"!

    Would be interesting to know if this was because the suits finally listened to their techs, or if it's because the techs finally gained a clue.

    --
    Belief is the currency of delusion.
  4. My work's ISP does a variation of this by quizwedge · · Score: 5, Interesting

    We have a local ISP and we are probably his largest customer. We've had problems since he is a startup and he traced them to trojans/worms/etc. so he sent them a warning to fix their system and then when they didn't, he shut them off. It's worked very well for us, keeps the number of infections down, keeps his network up and running, and keeps people accountable for the security of their computers.

    And if anyone is wondering why we're going with a startup for business, it's because the only choice between 144kbps DSL and a full T1 is this guy.

    --
    I have no .sig
    1. Re:My work's ISP does a variation of this by NorwBlue · · Score: 5, Insightful

      Actually, I did not wonder why You went with a startup for business. I Used to be Head of Computing in a company that spend around 2 mill $ and when we dropped the biggest computer supplier in Norway for a small startup, guess what : We went from being a ok account in a huge company to being the biggest account in a small company (It more than trippeled its sales). We suddenly got really good service, better prices and every one we called for help/support/service bent backwards for us(when we wanted them to, wich wasn't that often*evil grin of power*) So my advice to everyone managing a net is : don't follow the big fish, but find a place where You ARE the biggest fish. A bit off topic maybe, but if everyone did the same when it came to ISP services, YOU to would have leverage if you wanted your ISP to implement something similar.

  5. Re:Customers are *not* unaware of it by clfrd · · Score: 5, Informative

    The post doesn't say the users aren't aware of it, it refers to the users being unware that they're acting as spam relays.

  6. You get stung, you react. by Gubbe · · Score: 5, Informative

    TeliaSonera is a company formed by the merger of swedish Telia and finnish Sonera. Sonera is one of the largest Internet/telecommunications providers in Finland and their e-mail systems have become a laughingstock during the last month. Reason: they don't work. There have been delays of several days in message delivery, some messages are lost entirely and their SMTP server seems to be down.
    Sonera is blaming this 100% on the W32.Swen.A virus and while there is ongoing debate regarding Sonera's e-mail administrators' competency, that certainly explains why Telia is scrambling to remedy this problem in Sweden. [Un]fortunately (ignore the part in brackets if you are a privacy advocate) the Finnish legislation doesn't allow Sonera to perform the same thing as even automatic monitoring of e-mail traffic is not permitted by the communication privacy laws.

  7. Statistical analysis by Anonymous Coward · · Score: 5, Insightful

    of traffic can easily be used to find and stop spammers. I am amazed that all ISP are not doing this.

  8. This is news? TOS Enforcement is new? by Anonymous Coward · · Score: 5, Insightful

    How is this news? My local ISP has been doing this for years. It's called "enforcing terms of service" on offending accounts.