Slashdot Mirror


Spanish Internet Provider's SMTP traffic Blocked

Andrew D Kirch writes "After being barraged by spam and 419 scams from Rima-TDE and telefonica.es [translated], the AHBL has announced that all of Spain's national ISP's e-mail will be blocked by their blacklisting service. One has to ask though, is blocking an entire country like this the future of spamfighting, or has something gone horribly wrong?"

16 of 841 comments (clear)

  1. Re:about time by Narkov · · Score: 5, Insightful

    Bad luck to those ligitimate ISP's out there that get brought down by a few big National ISP's.

    Blanket measures like this are wrong. Target the individual ISP's that are known bad.

  2. Re:Is there such a thing as a reputable blacklist? by trelanexiph · · Score: 5, Insightful

    not so much a bandaid as a trust metric. It's the equivalent of saying "I am incapable of doing this research, however I will trust persons x y and z to do it, until I say otherwise, I still retain control of my server because I can revoke that trust at any time". However your comment is quite valid, some of them are "self appointed dimwits"

  3. Wonderful by Neo-Rio-101 · · Score: 5, Insightful

    This is amazing really.

    All the democratizing functions, promises of free education, free dispersion of information, increased international communication and understanding..... all these things that the internet promised is being brought to it's knees because of penis enlargements, nigerian fraudsters, and greedy marketers all wanting to make a buck!

    Don't mod this funny! It's NOT!

    (Actually, now that I think of it, TV suffered the same fate. Originally touted as an educational resource, it turned into the junk box it is today. It's just history repeating.)

    --
    READY.
    PRINT ""+-0
  4. Blocklists don't block email by jhunsake · · Score: 4, Insightful

    e-mail will be blocked by their blacklisting service

    Nope, only *you* can block email to *your* server.

  5. Re:Inevitable, and other countries are next. by LostCluster · · Score: 4, Insightful

    Uh... the site says:

    Blackholes.us does not list spammers, spam supporters or vulnerable hosts at the present time. These lists are meant to contain all known networks assigned or allocated to the respective provider or organizations within the respective country. Lists are created for research purposes, primarily, and are made public for any use others see fit.

    Really, all they're giving you is a list of IPs assosicated with the named nation or company. If you were to use all of those blacklists at once, you will have blocked out nearly every major hosting firm in the USA, and a good chunk of the world. Not just the spammers, but everything within those ranges. This is definitely a "We can't find the criminals, so we're nuking the town!" defense plan.

    These lists are valuable if you want to lock out an entire provider... but realize that you're going to throw out a lot of legitimate servers in your quest to block a few Spammers. Unless you're sure you're never going to have customers in Mexico, don't throw out all of Mexico's IP space in one swipe.

    Also, beware that these lists don't sort datacenters from customers. EV1's IP space for example is mostly servers, but they do operate a regional ISP as well. Block that whole range, and some dial-up customers might try to reach you and fail.

    Think before you block...

  6. Re:Please clarify. by LostCluster · · Score: 4, Insightful

    Oh, TDE addressing the Spam issues would be great... but the collateral damage of blocking e-mail you want to get is not something you should be taking chances with.

    If you have a large number of customers in Spain, and you're configured to use this blacklist... you're screwed. It'll take several hours before you realize why you stopped getting customer e-mails.

    Using these blocklists in an automated mode is a very dangerous thing. You never know what collateral group of non-spammers will be blocked next.

  7. Re:about time by Anonymous Coward · · Score: 4, Insightful

    I believe Poor Richard's Almanac (written by Benjamin Franklin) which went something like this:
    When solving a problem it is common to take a method and try it. When it fails, try another. But above all, do something."

  8. Re:It's not something that'll ever go away by _Sprocket_ · · Score: 4, Insightful


    You make it sound like no one ever uses their own corporate mail servers? ...
    While this may actually induce something to happen, I still feel the cost on the innocents is just too high.


    If I were a company who rented IP space from Telefonica De Espana, I'd be upset. They should be able to police their own network. I would have to consider taking my business elsewhere. Or, failing that, seek compensation for the increase in expense of hosting my company email server elsewhere.

    The key here is generating a cost to ISPs who harbor spammers. After all, a spammer's fee is certainly incentive to sign them on. Without a counter incentive, we will quickly find ourselves in a classic tragedy of the commons situation.

    A final point - email and the Internet in general is a powerfull, valuable resource that exists because various entities work together. When one (or more) entities threaten the workings of that resource, it should be of no suprise that others will decide to no longer work with them.
  9. Blocking Entire Countries by RWarrior(fobw) · · Score: 4, Insightful
    It would be nice if these kinds of things would get administrators' attention. I don't have high hopes.

    Personally, I get anywhere between one thousand and one hundred thousand spams a week directed at my domain from some asshat in Brazil. They come addressed to user1@mydomain.com, user2@mydomain.com, etc., in alphabetical order. Tens of thousands of them. And that's just the Brazilian stuff. That doesn't include the mortgage ads, 419 scams, porn ads, and advertisements that will help me make my wife's penis larger.

    Since I'm the only person who uses my domain, and I don't read Portuguese anyway, these are nothing but a drain on my bandwidth and resources, even if I were inclined to buy penis enlargement cream for my wife.

    And since I use a hosting service I can't implement a connection-level block because I don't have root on the box. Implementing SpamAssassin on the hosting server brings their box to its knees (I know because I've done it and they shut down my account); instead, I have to dedicate one of my own boxes to scanning all this shit -after- downloading it. My box does virtually nothing else.

    And since my domain is my last name, I can't exactly change it easily.

    SMTP is broken. It has outlived its usefulness, and it is past time for it to die. Born in an era when the internet was a far safer place, patches and scanning placed on top of it to stop spam do nothing to put the burden of sending mail where it belongs: on the sender. While tools like SpamAssassin, SpamBouncer and RBLs help us to avoid seeing the crap in our inboxes, they remain kludges that still eat up our processor time, bandwidth, infrastructure and money.

    But all my work in call centers has taught me that stupid people will always exist, and that some of them can never be taught to behave properly. This means that any schmuck with enough money and enough time and some basic Google literacy can set up a broken copy of $YOUR_FAVORITE_SMTPD on $YOUR_FAVORITE_OS and become the latest spew.

    Proposals exist (Dr. Dan Bernstein's Internet Mail 2000 is one of several) to shift the burden of storage and processing from the receiver to the sender. All well and good, but nobody's bothered writing a bunch of cross-platform implementations that everybody will actually switch to, and that Microsoft won't be able to embrace and extend.

    So where does that leave us mere mortals, except to use the hypersonic planet-smashing axe to kill the maggot-laying fly?

    --
    Remove the caps and hold to a mirror.
  10. As a Spaniard... by JCAB · · Score: 4, Insightful
    As a Spaniard living abroad, I care deeply about this. I do exchange plenty of legit email with Spain, you see, so this will affect me personally.

    Contrary to what many people seem to think here, the announcement doesn't say thay'll block the whole country. That measure would be draconian, along the line of nuking a city to quench a major disturbance.

    Instead, they say (correctly) that they are blocking the offending IDE, which "is the govt run ISP of Spain" so it can be expected that this ISP provider is a major provider, and many people will be affected. I believe that. Telefonica was, until a few years ago, _the one and only_ telephone communications provider of Spain. It is BIG.

    This is unfortunate, but _if_ this provider really is such a non-cooperative major source of spam and hack attacks, then I can't blame them for blocking it, much as it pains me.

    --
    Salutaciones, JCAB
  11. Society doesn't work like an ideal... by Animaether · · Score: 4, Insightful

    Ideally, people would complain to their ISP. But, society is hardly an ideal...

    -----

    Somebody robs a bank and flees.
    The cops don't know where he is, but know that he can't have fled beyond 5 blocks.
    The cops cordon off those 5 blocks.
    Everybody within can't leave, everybody outside can't get in.
    Does society, in general, get pissed wtih :
    A. The bankrobber, for robbing the bank, making this a likely necessity
    B. The police, for preventing people from going where they want

    Answer : B

    -----

    A local TV transmitter gets notice from a commercial network that the commercial network will no longer pay the transmitter to be aired. They'll have to put them on the air for free.
    The local TV transmitter gives them the finger and pulls them off the air.
    Delicate issue : the commercial network carries soap operas that are hugely popular within the local region.
    Does society typically blame :
    A. The commercial network for using their show's/shows' popularity to try and strong-arm the local transmitter for a better deal
    B. The local transmitter for making it impossible to watch their favorite show

    Answer : B. Real story where I'm from, and people ended up getting TV dishes en-masse.

    --

    Same thing with this...

    Do you really think all those Spanish people are going to blame their ISP for hosting (known) spammers once they get word/realize that their mails out to the world are bouncing/getting eaten ?
    Of course not. They're going to say "wtf. stupid blacklists - that e-mail has to be there today, and that blacklisting of my ISP is the reason it can't. I guess I'll have to hotmail it. *expletive*"

    That's how cause and effect is going...
    effect : ISP is blacklisted
    cause : ISP hosts spammers
    NOT the legitimate people's problem!

    at least, until...
    effect : people can't send e-mail
    cause : blacklists
    Therefore - blame the blacklists!

    you see, there is no :
    effect : people can't send e-mail
    cause : ISP hosts spammers
    relationship to most of society, so they're not about to blame the spammers.

    And as much as I disagree with that stance, and would poke at my ISP to see if they can get off the blacklists a.s.a.p., I can't say that I blame users who point at the blacklists instead.

    Maybe if blacklists could warn ISPs' users 3 days in advance. Maybe... mass e-mail them :x That's spam I wouldn't mind receiving it means I could ring up the ISP and warn them that if 3 days later the ISP still finds itself listed, I'd take my business elsewhere - and find a decent alternative in the mean time, rather than being caught off-guard.

  12. Re:incompetence outside of the US? by sofar · · Score: 4, Insightful


    I'm a european and the occasional relayed-by-spain spam message doesn't even make the 95% that is relayed by US based machines.

    Don't assume, measure, balance, and do something about your own country's companies. It could be your neighbour.

    And that guy 3 postings up has a valid point: 80% of all spam topics are US centric. I should blacklist all US IP numbers for that. The US is capitally guilty of keeping spam in place, either by the largest DEMAND (companies and customers), or by non-conclusive legislation.

  13. Bad neighborhood. by CrystalFalcon · · Score: 4, Insightful

    The equivalents exist IRL too.

    I live in a place where I have difficulty finding a cab. If I call for one on the phone, they tell me to be out in the street waving for the cab, or they will drive past without stopping in the area. I never go out on a Friday or Saturday night without a bulletproof vest, and I'm always armed with at least one combat knife - often several.

    This is where you live online. This is why people won't come to your place to deliver pizza. Or SMTP, or any other service.

  14. Using blacklists is OPTIONAL by WoodstockJeff · · Score: 4, Insightful
    The use of ANY blacklist is OPTIONAL on the part of an ISP. And, in the case of the article in question, the lists mentioned are (and have been) more agressive than most people would like.

    We only block based on a few external lists (ORDB, SpamCop, Blitzed Proxy), and then, not unconditionally. 90% of our blocks are done by internally generated lists, because we do have to receive mail from compromised sources at times... our business customers have clients in countries that are notorious for spamming, and even on ISPs that are bad.

    That said, we do not accept any mail on the first pass from a large number of subnets, varying in size from /24 up to /8's, and a growing number of European subnets are on that list - not just Spanish ones. Mail from these subnets is "soft-bounced" (given a 451 error code) until it can be reviewed for legitimacy. And anything that doesn't have at least 1 retry is judged to be a proxy-based spam attempt.

    Now, I will check bounces against some of the more agressive lists in deciding whether to make exceptions for these "soft bounces", but the final authority is a check with the customer on anything questionable. A million-customer ISP can't do that; that's one of our advantages...

  15. Re:Inevitable, and other countries are next. by weijiao · · Score: 4, Insightful

    This is just egocentric crap! We are frequently blocked because our netblock is a source of spam. The ultimate provider is controlled by a branch of the Chinese government. Like most people here, we have no choice, or influence over our ISP. The logic in the post is therefore fatally flawed. Be aware, that the fastest growing power in IT and related is China. Do you really want to exclude that potential source of business enquiry? If so, it is not surprising that you are exporting your jobs to India and China. Ironically, 99% of the spam I receive is for products whose ultimate source is the USA.

  16. Re:incompetence outside of the US? by budgenator · · Score: 4, Insightful

    What determine "who have no business sending smtp"? virus or trojan ridden computers

    That's not an unreasonable start for a definition. If your the webmaster of example.com, and your ads are coming through an smtp server in example.com's domain, your going to be careful not to get your domain blacklisted. Most hosting provider's have some way of alowing you to compose Email on your local machine, and sending through your hosted domain. Even if they don't, a perl or asp script on your websever can do the trick real easy.
    Anyone with the knowhow that is paying for an internet conection deserves the right to use that internet conection as they see fit. No you don't, you have the rights given in your ISP's Terms of Service. And I'd bet that all of those rights are subject to change without prior notification. If you don't like the service provided by your ISP, simply find one who does. You can even look into getting a raw pipe for yourself, then you can deal with all of an ISP's headaches.

    The Bottom line is an Internet cafe that doesn't block out-going port 25 is just an open-relay that requires your physical presence.

    --
    Apocalypse Cancelled, Sorry, No Ticket Refunds