Slashdot Mirror

← Back to Stories (view on slashdot.org)

Is There Any Reason to Report Spammers to ISPs?

Posted by Cliff on from the does-it-do-any-good dept.

marko_ramius asks: "For years I've been a good netizen and reported spam that I get to the appropriate contacts at various ISPs. In the entire time that I've done this I've gotten (maybe) 5 or 6 responses from those ISPs informing me that they have taken action against the spammer. In recent years however, I haven't gotten any responses. Are the ISP's so overwhelmed with abuse reports that they aren't able to respond to the spam reports? Do they even bother acting on said reports? Is there any real reason to report spammers?"

6 of 117 comments (clear)

  1. yep by gregm · · Score: 3, Insightful

    If nothing else just report the spammers to irritate your ISP. If enough of us eat up our ISP's time complaining, those spammer clients of their's will seem less valuable. Also as was said before, please for the love of god report them to the block lists.

    1. Re:yep by Secrity · · Score: 3, Insightful

      PROPERLY reporting spam to the PROPER ISP is not a problem and is productive. The problems are when idiots report spam to the wrong ISP and when abusive comments are added to spam reports. For spam email it is only necessary to forward the spam email with FULL headers, and with a SHORT explanation (such as "abc.com" is on your network") if the headers do not indicate why the report is being sent to a particular ISP.

      I provided tier 3 abuse support to a large ISP and set up the abuse desk for the now defunct dialup offering of the ISP, my advice to the abuse desk people was to shitcan any abuse report that contained contained abusive comments added by the person reporting the spam. Adding abusive comments is not reporting abuse, it IS abuse.

  2. Definitely report if you have clue by Peter+Cooper · · Score: 3, Insightful

    The sad thing is that most people who report spam are the idiots of the Internet who don't understand things like joe-jobbing, etc, and assume that because it says "jkrwejkrweq@yourdomain.com" in the From field, it's not necessarily anything to do with "yourdomain.com". SPF is, supposedly, a solution to this but the penetration seems pretty low. Certainly in my experience it's not usually Hotmail or Gmail customers who send the all-caps "STOP SENDING ME E-MAIL" to joe-job victims, but people on various .com domain names most likely hosted at hundreds of different budget web hosts who have poor anti-spam tools (or none at all).

  3. Re:Please continue! by mqduck · · Score: 2, Insightful

    Please don't let the silence discourage you. We're hard at work and appreciate the notices that help us keep our networks and services running smoothly for our customers.


    Here's a thought: Might giving some sort of reply, even a thank-you form letter, not keep people like Mr. marko_ramius from being discouraged? Maybe that's something you and your ilk should consider.

    (P.S. there was no hostility in the above)
    --
    Property is theft.
  4. Re:No, I strongly disagree... by walt-sjc · · Score: 2, Insightful

    YOU are not the problem. Grannie and Aunt Mathilda are. Port blocking by default with a way for savvy users to unblock solves the problem with such a MINOR inconvenience that it's a non-problem. Doing nothing will not solve the problem.

    As for you assertion that blocking inbound from dynamics is not effective, I, and MANY other ISP's disagree with you. The mail server logs don't lie. Blocked mail from dynamic space (which is ALL spam) is 75% of ALL connections to our mail servers, with other blacklists cutting it down even further. That reduces load on spamassassin and other anti-spam analysis by a factor of 6. While it hasn't STOPPED spam, it sure as hell cuts it down to a manageable level.

    I agree that ISP's need to be a lot more proactive and less reactive towards spam. Port blocking is proactive. Responding to spam complaints is closing the gate after the cows got out.

  5. Re:Yeah... by MightyMartian · · Score: 2, Insightful

    We were a pretty small ISP. We only caught two people spamming in all the time I was there, and warnings were enough to stop it. We got on RBLs once because our old mail server was an open relay, and we had no desire to let any of our customers get us back there again. The majority of spam coming from our local customers were due to worms on their computers. That is where blocking port 25 at the gateway was so damn effective.

    I have this feeling that you don't know a lot about spam and how it is propagated. There's a reason that everyone ran around blocking consumer IPs, weighting against IPs without MX records, and greylisting IPs that pumped in too many invalid addresses in a short period of time (indicating a distributed dictionary attack (it didn't help that our upstream provider was the source of a lot of these attacking addresses).

    --
    The world's burning. Moped Jesus spotted on I50. Details at 11.