If you mean what I think you mean, then yes. If you own an IP and a customer that is renting it from you spams and you don't disconnect them, you can expect to have your listing escalated until all of your IP space is listed as a preventative against the inevitable arrival of more spammers.
Rent a smarthost somewhere that doesn't have a massive spam problem and route all your mail out through it.
I get too many false positives with Spamcop, and hardly any with SPEWS, but then I don't do any business with China.
Experience shows that if a provider has one spamming customer that they won't do anything about, then it won't take long before their spamming customers start to proliferate, as spammers clue in that they are a spam friendly provider and start to set up shop. Sometimes providers have moved legitimate customers out of their IPs and put spammers there because the spammers are willing to pay more money than the legitimate customers. They put legitimate customers on IPs that were spamming in order to cause deliberate collateral damage and direct the customer's ire at those who are trying to block spam. They lie about having cut spammers off, they lie about IPs being inhabited only by legitimate customers. There's no reason for a provider to keep even a single spamming customer, and if they balk at removing that customer, the lies and flimflam are almost certain to follow. SPEWS is an early warning system, and as such lists IP's that have an elevated risk of spamming, even if they haven't spammed yet. If you're not interested in an early warning system, don't use SPEWS. Me, I like it.
Sorry about the whitespace, I'm just passing through (damn getting paged in the middle of the night and then twiddling thumbs while someone farts around trying to decide what they wanted you for).
I have been around long enough to have some educated suspicions as to some people who might be running SPEWS. Only one of those people posts occasionally to nanae, and never about SPEWS. Few real admins have the time to post much, and I suspect that SPEWS is run as an adjunct to their normal duties as admins of mail servers. They probably started out trading information with each other, and eventually decided to make it public for others to use as long as it didn't land them in SLAPP suit land.
The FAQ is quite clear. IP addresses are listed when 1) they emit spam that is received by those who run SPEWS, 2) they are advertised in spam received by those who run SPEWS, 3) they are likely to emit spam because they are under the control as the same entity that is permitting #1 or #2, and the spamming is continuing, or 4) they are likely to emit spam because they are under the control of someone associated with previous spam.
SPEWS has most certainly reduced spam to me and to my customers who use it. Since the machines belong to me and my customers, we have the right to refuse email from anybody for any reason whatsoever.
Why would you pay $50 to be removed from a spam list that is probably used by only a few people? The only power a spam list has is in how many people use it to filter mail with.
I use SPEWS and some of my customers do too.
Neither SPEWS nor "the admins who run it" "make all sorts of excuses and justifications" when challenged. SPEWS is anonymous and communicates with no one. Their accountability comes from the fact that they follow their posted criteria for listing an IP. If you like their criteria, you're free to use it. If you don't then don't use it. If they were to start making numerous errors or listing outside their policies people would stop using them.
There are a large number of lax providers that cleaned up solely to get out of SPEWS. So I would say that they have had an impact on spam.
It is also necessary to block inbound packets with source port 25. Spammers often use split piping. Packets from the spammer to the victim are sent from a high bandwidth connection, but with the originating IP set to the hijacked PC, so that the victim sends the acks and small amount of SMTP conversation from the victim server to the hijacked PC (these packets have a source port of 25) thus disguising the spammer's fat pipe, and allowing them to keep from having their more expensive and difficult to set up bandwidth from getting disconnected all the time. If a hijacked PC gets fixed they just move on to another.
Slashdot Mirror
If you mean what I think you mean, then yes. If you own an IP and a customer that is renting it from you spams and you don't disconnect them, you can expect to have your listing escalated until all of your IP space is listed as a preventative against the inevitable arrival of more spammers.
Rent a smarthost somewhere that doesn't have a massive spam problem and route all your mail out through it. I get too many false positives with Spamcop, and hardly any with SPEWS, but then I don't do any business with China.
SPEWS doesn't have a "charity fee" and never has. I suspect you mean SORBS.
Experience shows that if a provider has one spamming customer that they won't do anything about, then it won't take long before their spamming customers start to proliferate, as spammers clue in that they are a spam friendly provider and start to set up shop. Sometimes providers have moved legitimate customers out of their IPs and put spammers there because the spammers are willing to pay more money than the legitimate customers. They put legitimate customers on IPs that were spamming in order to cause deliberate collateral damage and direct the customer's ire at those who are trying to block spam. They lie about having cut spammers off, they lie about IPs being inhabited only by legitimate customers. There's no reason for a provider to keep even a single spamming customer, and if they balk at removing that customer, the lies and flimflam are almost certain to follow. SPEWS is an early warning system, and as such lists IP's that have an elevated risk of spamming, even if they haven't spammed yet. If you're not interested in an early warning system, don't use SPEWS. Me, I like it. Sorry about the whitespace, I'm just passing through (damn getting paged in the middle of the night and then twiddling thumbs while someone farts around trying to decide what they wanted you for).
If they had very little support, then why would anybody like Telewest care if they got in SPEWS?
I have been around long enough to have some educated suspicions as to some people who might be running SPEWS. Only one of those people posts occasionally to nanae, and never about SPEWS. Few real admins have the time to post much, and I suspect that SPEWS is run as an adjunct to their normal duties as admins of mail servers. They probably started out trading information with each other, and eventually decided to make it public for others to use as long as it didn't land them in SLAPP suit land. The FAQ is quite clear. IP addresses are listed when 1) they emit spam that is received by those who run SPEWS, 2) they are advertised in spam received by those who run SPEWS, 3) they are likely to emit spam because they are under the control as the same entity that is permitting #1 or #2, and the spamming is continuing, or 4) they are likely to emit spam because they are under the control of someone associated with previous spam. SPEWS has most certainly reduced spam to me and to my customers who use it. Since the machines belong to me and my customers, we have the right to refuse email from anybody for any reason whatsoever.
Why would you pay $50 to be removed from a spam list that is probably used by only a few people? The only power a spam list has is in how many people use it to filter mail with.
I use SPEWS and some of my customers do too. Neither SPEWS nor "the admins who run it" "make all sorts of excuses and justifications" when challenged. SPEWS is anonymous and communicates with no one. Their accountability comes from the fact that they follow their posted criteria for listing an IP. If you like their criteria, you're free to use it. If you don't then don't use it. If they were to start making numerous errors or listing outside their policies people would stop using them. There are a large number of lax providers that cleaned up solely to get out of SPEWS. So I would say that they have had an impact on spam.
It is also necessary to block inbound packets with source port 25. Spammers often use split piping. Packets from the spammer to the victim are sent from a high bandwidth connection, but with the originating IP set to the hijacked PC, so that the victim sends the acks and small amount of SMTP conversation from the victim server to the hijacked PC (these packets have a source port of 25) thus disguising the spammer's fat pipe, and allowing them to keep from having their more expensive and difficult to set up bandwidth from getting disconnected all the time. If a hijacked PC gets fixed they just move on to another.