Slashdot Mirror
Verizon vs. Europe
mikrorechner writes "The Register has a story about Verizon blocking all incoming email from Europe since 22 December. Why? To reduce spam. I know that some providers block countries like South Korea by default, but I was not aware that Europe was seen as a major spam source. Well, it seems Verizon knows better..."
Are you sure they didn't mis-spell China?
I was considering blocking the entire IP range for the US, since I never get anything other than spam from there.
"I Know You Are But What Am I?"
block everywhere
well, it would be useful to have source country flagged up
is the uk included I wonder hehe
A blog I run for the wealth
But I can't speak French.
Nor English.
"make" means "lose" in Japanese language.
Since Europe doesn't bend over as easily as certain other continents, I believe that Verizon should just learn to respect citizens, for it has no other choice if it is going to survive in a truly free society or face serious consequences (trade sanctions, anyone?). This is how capitalism is meant to work, but Verizon might have some trouble to understand it having been living under the pro-corporation anti-individual government umbrella for so long. This is nothing new, a lot of corporations had to change their shady laissez-passer tactics, there is no reason to believe that Verizon is going to be different.
Sincerely,
Pan Tarhei Hosé, PhD.
"Homo sum et cogito ergo odi profanum vulgus et libido."
Living in europe , and having several difrent european email address , i cant recall one bit of spam that came from the EU .. im not saying it dosnt exist but logicaly since i have a .de email address (germany)
why is all my spam in American english (im not german i only live here) but everyone i talk to around here gets a vast marjority of the spam from companys in the USA........anyway...
Verizons policy seems to be the equvilent of chopping off your legs because you have a rash on you right big toe!
Maybe it's time to turn "Verizon" into a verb. As in:
BTW, just to remind people 'cos this comes up a lot. While Verizon and Verisign are both power-mad groups with some connection to communications, they're not the same company. Thank you.You are not alone. This is not normal. None of this is normal.
hopefully, your insightful post won't be verizoned down to -1.
Don't blame Durga. I voted for Centauri.
Am I alone in sitting here this morning, reading this story, and refusing to belive that even Verizon would do something so stunningly stupid.
Yee Gods!
Three Squirrels
I have read repeatedly here and elsewhere that most spam comes from "spam zombie" machines "pwned" via the machinations of malicious virus writers. Ergo, a machine spewing viruses via email is (a) a spam source in training and (b) attempting to create other zombies/spam sources. It therefore seems logical that any ISP serious about fighting spam would welcome reports of subscribers spewing viruses, whereby to notify the subscriber of the infection and/or suspend the account until the problem is fixed. On the assumption that the latter point is true (which I doubt), why do SpamCop and other spam reporting outfits refuse to report/notify ISPs about viruses spewing from their mail servers? If the number of owned machines is as represented, it seems that a huge step toward controlling spam would be identifying and fixing said machines or suspending their ISP accounts BEFORE they start spewing spam. (Note to trolls: Please do not start up about "lusers" not knowing how to identify the true ISP of an infected account and all that. SpamCop, for one, does this automatically based on IP address, so, the mechanism for reporting viruses to the source ISP is the same as for reporting spam.)
Ignorance is curable, stupid is forever.
They shuld greylist instead, that way at least SOME legit mail would get through.
http://projects.puremagic.com/greylisting/
At the University where i work we cut spam to about 10% of former bulk with Evan Harris' greylisting software 'relaydelay' (thanks Evan!). It let's through all legit mail as long as the sending server follows SMTP-standards and allows for a temporary failure.
Some problems with mailinglistsoftware that uses different envelope senders for each mail, but you can whitelist those servers.
How can I block emial from Verizion? I get a lot of spam from the US, particularly them, and I don't know anyone using their mail servers.
Gmail needs an option to block IP ranges...
const int one = 65536; (Silvermoon, Texture.cs)
SJW, n: "Someone I don't like, and by the way I'm a fuckwit" - AC
alot of people block email from verizon (or containing verizon URL's in the body) as they seem to host alot of spammers :-)
I feel like pulling out the form why your solution combatting spam won't work, though i'll spare everyone from that. Do you know that 99% of the ISPs never reply to anything sent to abuse@*? To be honest, in most cases they don't have the infrastructure for that, but the fact is a fact, they aren't replying. And even if they would reply, would they do anything? ISPs need to change first by enforcing stricter rules on them.
It takes a man to suffer ignorance and smile
Be yourself no matter what they say
"ISPs need to change first by enforcing stricter rules on them."
I agree wholeheartedly.
The TOS should state:
If you sign up with us and we learn you are spamming from our servers, you agree to pay us $10 for each spam email.
You must present proof of identity to get a broadband account (makes it it easier to find/presecute/sue spammers).
Non-commercial accounts are limited to 100 outgoing emails per 24-hour period. If you have a legitimate need to send more than 100 emails daily, contact our Commercial Accounts department.
Last, if we detect ONE email from your account bearing a virus, your account will be suspended until you demonstrate your machine is virus-free, and has a firewall and up-to-date anti-virus software in place.
Ignorance is curable, stupid is forever.
I really don't understand all of this paranoia over spam--especially on slashdot. You just have to be an intelligent internet user to avoid getting spam. I only get 2-3 a week--these are easily deleted. I don't run any special software or anything. Just don't give your email address to people you don't trust. If there's a form that requires an email address, put in a fake one. It's really pretty easy.
"If it's really important you should call"
It's this excuse that makes me say that email should be given the same priority as postal mail. I was a verizon user and this would not of affected me in the slightest becuase I've always used external IMAP email services and I will when the fiber is ran to my house in a few weeks.
Email is a value added service and if you truely want email to work dont let verizon handle it just get a gmail account or yahoo. Or even Runbox.com which of course I believe is a european ip but works great for IMAP/Pop3 for me.
So now I know why friends aren't responding. This is pretty poor, email ought to be an open way to communicate on the internet. I wouldn't stand for this crap; it's liek the post office would throw away the letters of your aunt because she lives in Europe. Well, back to writting good old letters.
Back when everyone was on dial-up and had dynamic IP addresses, there were legitimate grounds for hosting a central email server. However, this shouldn't be necessary for DSL, except that most ISPs have policies outlawing the running of SMTP servers despite the fact that users who do so are using less of their resources and can control email the way they choose.
What we need is to encourage, not discourage, people from doing this. Encourage the $100 router/gateway device manufacturers to include little incoming SMTP and POP/IMAP servers in their devices. Remove the restrictions in AUPs that prevent this kind of thing. Set up MX records so that customer.isp.net's email is routed to them. With DSL being always-on, recognize it with the technology and scrap dynamic IP.
These types of steps will make a dramatic difference in use of the 'net:
- Unsecured SMTP servers that are enabled by default and relay by default will become a thing of the past because ordinary users will be installing actual, useful software for the same port.
- Fighting spam will become easier. The techniques used by the typical own-domain user - creating special addresses for entities to contact you that can be closed down if that entity ever passes on that address - will become common, normal, and easy. Unless you've used such a system, you have no idea how effective it is.
- Spammers will suddenly have to send every email one time per recipient, rather than in batches as they do today. The resources required by the average spammer will increase dramatically with little gain to them. Regular commercial third-party spamming will, for the most part, die off.
- With static IP, users will gain some accountability. Net abusers can simply be firewalled off from their victims.
- The load on ISP servers will be dramatically reduced. The reduction in equipment and maintenance should translate into cost savings.
Regular IMAP servers will still be maintained by ISPs for dial-up users, but ISPs that make dumb decisions would no longer be in a position to cripple end users in quite the way described here.You are not alone. This is not normal. None of this is normal.
If you want to upset the market forces that push ISPs toward ignoring spammers, launch a DoS against their customer service desk. Get on IRC and start recruiting a cadre of 15 year olds whose parents don't pay close attention to the phone bill and have them repeatedly call the ISP with bogus questions -- or just keep calling to say "The machine on your network with IP ###.###.###.### is spewing viruses. Please blackhole it now."
Then how are they going to e-mail me? You "easy" solution is to hardly use e-mail. Of course I still get spam at accounts I've never given to anyone. If I want to eleminate spam, I should delete all my e-mail accounts.
That's it for now, I'm off to go sell my car so I can avoid car accidents.
Given Verizon's reputation, I'm not sure I'd want them to accept e-mail from me, legit or not (yes, I'm a European). I support the basic idea of rejecting all mail from certain networks, countries or even continents based on past experiences of abuse, except I'd never want my ISP to do it for me without me having a say in the matter. I know approximately from where I can expect legit mail; Verizon can't possibly tell the same for all their users.
I don't send a lot of e-mail these days, and I have yet to see any mail of mine rejected due to my IP address being blacklisted. Should that happen, I sure wouldn't waste my time requesting to be whitelisted. If Verizon or their customers don't want mail from Europe, I won't bother them, regardless of their rationale. The biggest loss is on those uninformed users who aren't getting the service they have paid for. Rather than help Verizon identify a legit mail sender, I'd help my friends identify a legit mail provider, perhaps by rejecting their mail until they take notice.
"Greylisting" (a rather misleading word, as there is no "list" in the usual sense involved, but rather a delay mechanism) happens to work today only because such a small fraction of the Internet uses that method. Forget the "legit" part; it lets through all mail as long as the sending server follows the SMTP standard and allows for a temporary failure. When spammers find out they will be 50 percent more profitable by allowing for temporary failures, they will do so, and "greylisting" will have no effect beyond that slight delay. When a majority of open relays were either closed or blacklisted in the past, spammers managed to overcome that problem. They will overcome this one too.
I myself work at a university where "greylisting" is used, and it does indeed work - for now. It's however a very selfish way of protecting your mailbox, because you have to discourage the rest of the Internet from employing it in order for it to remain efficient, much like antibiotics...
A cure worse than the disease. If you have to manually keep track of every legit server that is inconvenienced by the delay, then you are going to forget a few of them, and they may find it easier to either adjust their envelope senders or drop you from their mailing list, than to remind umpteen list members of that forgotten whitelisting.
Bringing up manual whitelisting merely implies that the automatic mechanism isn't working properly. Consider that any automatic mail filtering mechanism, including the extreme one of rejecting any and all mail from anywhere on the Internet, will actually "work" if you can manually whitelist every legit sender. It then comes down to how much of the mail you receive requires manual intervention, and how much can be dealt with automatically.
El Reg still remains blocked at the time of writing. ... At the time of writing Verizon has not responded to our requests for comment.
Is it just me... or does this seem like a "Here's your sign" comment to anyone else?
To those who don't get it: The Register says it remains blocked at the time of writing. Only a sentence later they write that they haven't received any response from Verizon. I'm willing to bet they emailed Verizon (Who is still blocking them) and their request for comments ended up in the bit bucket.
Yes, I am a smart ass; it's better than the alternative.
I run a small hosting company. We get our bandwidth from a small datacenter. The datacenter main client is heavily regulated by the government. Anyway, We are somewhat forced to live with the policies dictated by this much larger customer.
The datacenters admin at teh request of large client) blocks most all traffic from SE Asia (including a few Austraillian ISPs) as well as a large chunk of Europe. According to ARIN, The blocked ranges actually orginate in Amstrdam; however, they are used by ISPs in England, France and Germany. And probably others.
Yes SPAM is a big part fo it, but the datacenter guy said they were seeing a lot of apparent DDOS attacks, a variety of exploit attempts, from my own experience, it seemed like a lot of web site shanigans were coming from thoses ranges too.
I must admit that problems related to cracking diminished greatly after the new firewall settings where added. Though Euro-customers and Aussies were a little peaved.
My server is blocked too. It's situated in White Plains, NY.
The ISP, 1&1, is largely a UK/Germany ISP, so perhaps that's why they're on the "Europe" list, but a traceroute shows my machine is not in Europe. See IP addresses don't encode geographic location information, (Verizon - that's you, bozo).
My server isn't on any of the DNSRBL lists, is pretty tightly run, and publishes SPF records.
So, my grandpa can't get photos of his great-granddaughter on his e-mail account. Lovely. I'm suggesting he switch to a different DSL provider or a cable modem. This is the kind of thing an 80-year-old has little patience for.
My God, it's Full of Source!
OUTSIDE_IP=$(dig +short my.ip @outsideip.net)
I actually do something very similar. I email the following accounts:
abuse, admin, customerservice, help, helpdesk, sales, service, support, tech, techsupport, and root.
I figure one of those has to be checked by someone who cares.
Ohh, and I forward the entire message.
The previous has been a secret message to my comrades.
Specifically the arrogance of some of you "spam isn't so bad, you can deal with it" dudes.
First of all: Why the fuck should I be forced to buy software, services invest my time and resources just so a couple hundred lowlifes can get rich quick by shitting into the communal water supply.
Maybe spam is not a problem for you, but I can assure you that it's a helluva problem and a massively costly one for the entire internet and all its legitimate users.
There is no need to thank me.
ich bin der musikant
mit taschenrechner in der hand
kraftwerk
From yesterdays rejection log:
2005-01-17 09:08:05 H=wbar18-tmp1-4-10-136-122.tmp1.dsl-verizon.net [4.10.136.122] F= rejected RCPT : 4.10.136.122 is listed at bl.spamcop.net
My emphasis.
Belief is the currency of delusion.
100 messages per 24 hour period? I know single users who go well above that.
I run a mailing list with 1000 users on it. If a topic gets a lot of messages on a good day there may be 50 replies, so that's 50,000 to start with. Non spam, non commercial.
If zombies and trojans are the real source of spam, then the obvious solution is that ISPs should block all outbound traffic directed to port 25 on external addresses. (These zombies, as a rule, to use the ISPs own SMTP server, but send the spam directly to the recipients MX server).
This would immediately solve the zombie problem, and they only people who would be inconvenienced would be the 5% of technically competent people who might be legitimately running their own SMTP server, and even for them, it should be fairly trivial to work around.