"Mr. Linford said he believed that spammers could be contained, if not eliminated. A tough new anti-spam law in Europe will help, he said. The proposed Can-Spam act in the United States, he said, is not tough enough, but he figures that when it fails to work, Congress will have to make a stronger law. But Mr. Linford gloomily predicts that spammers will simply move more of their operations to Asia and Latin America."
Fine, let the spammers move their servers to asia and latin america. I've already banned so much of LACNIC and APNIC ip ranges (excluding the known.nz and.au ranges) that i doubt i'd see any spam from these regions in the future.
/20 isnt that agressive. Probably your isp kept moving the spammers around and spamhaus said fuck it and plonked a bigger range. Stop blamming the blacklists and start yelling at your isp to stop hosting spammers. If your going to live in a crackhouse, dont be surprised when your friends refuse to visit you.
Your right, verio and C&W dont give a shit about me, or the thousands of other mail admins they spam the fuck out of. And yes, Earthlink, aol, msn, etc would never let me firewall as heavily as i do so now. But then they get BLASTED with insane amounts of spam, and i get maybe 1-2 pieces of pink crap a month, max. Thats why i run my own server. I got sick of companies not taking an agressive approach to spam. The big boys are welcome to handicap their mail admins and keep the deluge of spam sent to them. I'll keep plonking the spamming fuckwits as i desire and enjoy my clean inbox;)
i dont think 217.199/16 is owned by one organzation there. I did whois lookups on 217.199.0.0, 217.199.36.0, etc, and got different results. Parts of it are italian netspace (fyi: i block ALL of.it because of the massive amounts of spam coming from there, google for spam and italy).
In any case, as others have pointed out, host europe has a bad reputation, and a google search of NANAE with that term pulled up a LOT of hits regarding them. If you dont want to be blacklisted as Collatoral damage (or worse, get firewalled by a pissed off admin), your best off finding a non spam haus isp.
more then likely, your hosting service refused to act on spam complaints, and spews kept escalating the listing untill the whole/16 got nuked (would you indulge my curiousity and tell me what/16 your on? I'm willing to bet its a major spam haus). Spews wasnt trying to get that one spammer only, its trying to beat some sense into your hosting service by bitch slapping them. You are collatoral damage.
Changing isps every 3 weeks isnt viable, but when you pick isps in the first place, do you homework. Pick a good one once, and your very unlikely to ever have to worry about Spews. The reason why Spews is a problem for you is because a LOT of mail admins including me use it. Spews itself IS NOT your problem, its your isp thats the problem for refusing to deal with spammers on their network. We collectively have decided that when a major isp refuses to deal with their spam problem, that we'll refuse to deal with them. And your caught in the middle.
Hypothetically, if Spews ever died, you'd have far worse problems. Why? For example, I HEAVILY firewall off large isps that have major spam problems, you should see my ruleset for blocking. Not counting the geographic bans, its at 944 entries, and each entry drops a/24 at a minimun, with most entries taking out a/16 to/20. And I know i am not the only one doing this.
Now imagine your isp starts harboring a spam gang (ala Verio or C&W) and blatantly lies and refuses to get rid of the spammers despite all complaints. This quickly gets noticed in NANAE, and mail admins will start dropping that entire hosting service into their deny lists and firewalls. Good luck EVER getting out of 1000's of firewalls and deny lists. At least you can get off Spews if your isp cleans up.
and the spammers will continue to waste your network bandwidth and resources. Content based filtering is a inperfect solution at best, and one that does NOTHING to discourage the spammers. Only heavy blocking of spam friendly countries and isps seems to do much to discourage more spam.
if an admin did this, then he's a complete dumbass that fails to understand the purpose and reason behind spews and the other blacklists. If some spam friendly isp REFUSES to kick their spammers off, like att, c&w, exodus, qwest, cogent, internap, burst, etc etc etc, then they should expect to be heavily blacklisted. And if an admin (btw: i am a network admin myself) is DUMB enough to host with a known spam haus, then he or she shouldnt be surprised when their mail gets bounced with a flurry of 550's.
Its called doing your home work. Before you host that server, find out the history of your provider, dont go by the slick promises that they have an AUP. Find out if they really enforce it. Find out if they have any spamhaus listings (fyi: spamhaus.org is very conservative, and if you have a listing there, its a bad sign). Check on NANAE and ask if a given provider has a bad rep or not.
Finally, spews doesnt go overboard. Spews is designed to put a LOT of pressue on isp's that dont kick their spammers. And it does work. If you get caught in spews and your not a spammer, dont bitch to Spews. Spews wont care, and the thousands of mail admins who use it, like me, wont care either. Bitch to your spammy isp to clean up, and if they refuse, cancel the contract and move to a better neighborhood.
you really think the FBI (aka Fascist Bureau of Instigation) would lift a damn finger? They certainly didnt when osirusoft got taken all the way out. The FBI only cares about Thoughtcrime and crimes against major campaign donors. Anyone else simply doesnt matter. We're on our own here, and we're gonna have to fix this problem ourselves.
they harvested my spamtrap addy i use here on slashdot and started spamming it. Immiedate larts were sent to their hosting service) and spamcop. After a couple of bitches sent to the hoster, they terminated phantom.
Proof of phantom's spamming at http://groups.google.com/groups?q=phantom.net++gro up:news.admin.net-abuse.sightings+group:news.admin.net-abuse.sightings+group:news.admin.net-abuse.si ghtings+group:news.admin.net-abuse.sightings&hl=en &lr=&ie=UTF-8&oe=UTF-8&group=news.admin.net-abuse. sightings&scoring=d&selm=636e0509.0310090928.34017 a74%40posting.google.com&rnum=1
And Proof of the kill is at http://mail.btfh.net/dead-spammer.txt
adobe rectally self inserts 12 gauge shotgun loaded with slug rounds, and pull trigger repeatedly. Between Bullshit (er product) activation and the heinous crime they commited against Sklyarov, I see no reason for anyone to legally give Adobe one cent. Warez their products or use an alternative.
after 60 minutes, it notifies the luser the mail is having problems arriving to the destination host but the server will keep trying, and after 48 hours notifies the user the message cant be delivered at all.
I gave verislime a big hearty fuck you two weeks ago by downloading the newest bind, turned on the delegation option, and then promptly null routed the sitefinder ip as additional insurance.
I'm surprised the rest of you guys didnt all do the same as well.
hmm, granted i am not a lawyer, but i'd bet you could have that part of the contract tossed out as unreasonable by a judge. If they dont deliver the service, then they dont deserve the money. Occasional failure is a dropped call here and there, not the whole damn network dropping out and dying for a day or two.
that explains why i've seen a huge amount of bell south dialup and dsl spam in the past few months. I've been damn busy filling up the firewall with blocks of their network.
# bell south dynamic blocks iptables -A spam -s 68.158.0.0/16 -j DROP iptables -A spam -s 216.79.0.0/16 -j DROP iptables -A spam -s 68.154.0.0/16 -j DROP iptables -A spam -s 68.18.0.0/15 -j DROP iptables -A spam -s 67.34.0.0/16 -j DROP iptables -A spam -s 65.80.0.0/14 -j DROP iptables -A spam -s 216.76.0.0/14 -j DROP iptables -A spam -s 66.156.0.0/15 -j DROP
do you really think ashcroft and co give a rat fuck? If your not a fortune 500 company or a huge donor to the Republican Party (tm), you dont even register on their radar.
simple, i run my own mail service, so anytime some spammer pisses me off, i firewall his hosting service (or at least a good chunk of it, cogent just lost another/16 as we speak) from sending me further port 25 traffic. I do love iptables : )
also try porn sites, gambling sites, and more importantly, paste it on slashdot. My spam trap address here gets hit ALL the time, usually several times a day, which has helped me greatly in tuning my firewall.
heh, i wasnt saying asian countries were inferor (i love how if you block a certain country, your considered a racist), i was implying they have major spam problems. As the mail admin for about 20 or so domains, i see where the spam comes from. Yes, the US generates the most spam over all (and believe me, i block the spamming motherfuckers at sprint and bell south like you wouldnt believe, my firewall that pertains to spammers runs at 852 lines and growing). But on a per ip basis, the asian ip ranges tend to be the worst (though south america is making a run at #1).
The asian isps also (with notable exception of outblaze) tend to not respond to larts or spamcop notifications. Go to NANAE sometime and ask the regulars there how many of them block all of china, taiwan, hongkon, singapore, etc.
And finally, i checked the spam cop in progress link at about 1:05am pst time, and roughly 1/4 of all the references there at that time were from asian ip ranges.
Slashdot Mirror
i got a huge chunk of their netspace firewalled for spamming too. Fuck em. If i start getting spam from aol netspace, it goes into the firewall too.
well i own fuckedregime.com :) Close enough i think :)
Qoute
.nz and .au ranges) that i doubt i'd see any spam from these regions in the future.
"Mr. Linford said he believed that spammers could be contained, if not eliminated. A tough new anti-spam law in Europe will help, he said. The proposed Can-Spam act in the United States, he said, is not tough enough, but he figures that when it fails to work, Congress will have to make a stronger law. But Mr. Linford gloomily predicts that spammers will simply move more of their operations to Asia and Latin America."
Fine, let the spammers move their servers to asia and latin america. I've already banned so much of
LACNIC and APNIC ip ranges (excluding the known
/20 isnt that agressive. Probably your isp kept moving the spammers around and spamhaus said fuck it and plonked a bigger range. Stop blamming the blacklists and start yelling at your isp to stop hosting spammers. If your going to live in a crackhouse, dont be surprised when your friends refuse to visit you.
is over three weeks old.
Your right, verio and C&W dont give a shit about me, or the thousands of other mail admins they spam the fuck out of. And yes, Earthlink, aol, msn, etc would never let me firewall as heavily as i do so now. But then they get BLASTED with insane amounts of spam, and i get maybe 1-2 pieces of pink crap a month, max. Thats why i run my own server. I got sick of companies not taking an agressive approach to spam. The big boys are welcome to handicap their mail admins and keep the deluge of spam sent to them. I'll keep plonking the spamming fuckwits as i desire and enjoy my clean inbox ;)
i dont think 217.199/16 is owned by one organzation there. I did whois lookups on 217.199.0.0, 217.199.36.0, etc, and got different results. Parts of it are italian netspace (fyi: i block ALL of .it because of the massive amounts of spam coming from there, google for spam and italy).
In any case, as others have pointed out, host europe has a bad reputation, and a google search of NANAE with that term pulled up a LOT of hits regarding them. If you dont want to be blacklisted as Collatoral damage (or worse, get firewalled by a pissed off admin), your best off finding a non spam haus isp.
more then likely, your hosting service refused to act on spam complaints, and spews kept escalating the listing untill the whole /16 got nuked (would you indulge my curiousity and tell me what /16 your on? I'm willing to bet its a major spam haus). Spews wasnt trying to get that one spammer only, its trying to beat some sense into your hosting service by bitch slapping them. You are collatoral damage.
/24 at a minimun, with most entries taking out a /16 to /20. And I know i am not the only one doing this.
Changing isps every 3 weeks isnt viable, but when you pick isps in the first place, do you homework.
Pick a good one once, and your very unlikely to ever have to worry about Spews. The reason why Spews is a problem for you is because a LOT of mail admins including me use it. Spews itself IS NOT your problem, its your isp thats the problem for refusing to deal with spammers on their network. We collectively have decided that when a major isp refuses to deal with their spam problem, that we'll refuse to deal with them. And your caught in the middle.
Hypothetically, if Spews ever died, you'd have far worse problems. Why? For example, I HEAVILY firewall off large isps that have major spam problems, you should see my ruleset for blocking. Not counting the geographic bans, its at 944 entries, and each entry drops a
Now imagine your isp starts harboring a spam gang (ala Verio or C&W) and blatantly lies and refuses to get rid of the spammers despite all complaints. This quickly gets noticed in NANAE, and mail admins will start dropping that entire hosting service into their deny lists and firewalls. Good luck EVER getting out of 1000's of firewalls and deny lists. At least you can get off Spews if your isp cleans up.
and the spammers will continue to waste your network bandwidth and resources. Content based filtering is
a inperfect solution at best, and one that does NOTHING to discourage the spammers. Only heavy blocking of spam friendly countries and isps seems to do much to discourage more spam.
if an admin did this, then he's a complete dumbass that fails to understand the purpose and reason behind spews and the other blacklists. If some spam friendly isp REFUSES to kick their spammers off, like att, c&w, exodus, qwest, cogent, internap, burst, etc etc etc, then they should expect to be heavily blacklisted. And if an admin (btw: i am a network admin myself) is DUMB enough to host with a known spam haus, then he or she shouldnt be surprised when their mail gets bounced with a flurry of 550's.
Its called doing your home work. Before you host that server, find out the history of your provider, dont go by the slick promises that they have an AUP. Find out if they really enforce it. Find out if they have any spamhaus listings (fyi: spamhaus.org is very conservative, and if you have a listing there, its a bad sign). Check on NANAE and ask if a given provider has a bad rep or not.
Finally, spews doesnt go overboard. Spews is designed to put a LOT of pressue on isp's that dont kick their spammers. And it does work. If you get caught in spews and your not a spammer, dont bitch to Spews. Spews wont care, and the thousands of mail admins who use it, like me, wont care either. Bitch to your spammy isp to clean up, and if they refuse, cancel the contract and move to a better neighborhood.
you really think the FBI (aka Fascist Bureau of Instigation) would lift a damn finger? They certainly didnt when osirusoft got taken all the way out. The FBI only cares about Thoughtcrime and crimes against major campaign donors. Anyone else simply doesnt matter. We're on our own here, and we're gonna have to fix this problem ourselves.
try this
.
go to http://groups.google.com
do a search for "some bastard phantom"
The first listing at the top is my spam report.
they harvested my spamtrap addy i use here on slashdot and started spamming it. Immiedate larts were sent to their hosting service) and spamcop. After a couple of bitches sent to the hoster, they terminated phantom.
o up:news.admin.net-abuse.sightings+group:news.admin .net-abuse.sightings+group:news.admin.net-abuse.si ghtings+group:news.admin.net-abuse.sightings&hl=en &lr=&ie=UTF-8&oe=UTF-8&group=news.admin.net-abuse. sightings&scoring=d&selm=636e0509.0310090928.34017 a74%40posting.google.com&rnum=1
Proof of phantom's spamming at http://groups.google.com/groups?q=phantom.net++gr
And Proof of the kill is at
http://mail.btfh.net/dead-spammer.txt
too bad the shit for brains lamer never heard of mozilla.
adobe rectally self inserts 12 gauge shotgun loaded with slug rounds, and pull trigger repeatedly. Between Bullshit (er product) activation and the heinous crime they commited against Sklyarov, I see no reason for anyone to legally give Adobe one cent.
Warez their products or use an alternative.
after 60 minutes, it notifies the luser the mail is having problems arriving to the destination host but the server will keep trying, and after 48 hours notifies the user the message cant be delivered at all.
I gave verislime a big hearty fuck you two weeks ago by downloading the newest bind, turned on the delegation option, and then promptly null routed the sitefinder ip as additional insurance.
I'm surprised the rest of you guys didnt all do the same as well.
hmm, granted i am not a lawyer, but i'd bet you could have that part of the contract tossed out as unreasonable by a judge. If they dont deliver the service, then they dont deserve the money. Occasional failure is a dropped call here and there, not the whole damn network dropping out and dying for a day or two.
i'd refuse to pay the penalty, they arent delivering the service, so why should you have to pay the fuckwits any more?
that explains why i've seen a huge amount of bell south dialup and dsl spam in the past few months. I've been damn busy filling up the firewall with blocks of their network.
# bell south dynamic blocks
iptables -A spam -s 68.158.0.0/16 -j DROP
iptables -A spam -s 216.79.0.0/16 -j DROP
iptables -A spam -s 68.154.0.0/16 -j DROP
iptables -A spam -s 68.18.0.0/15 -j DROP
iptables -A spam -s 67.34.0.0/16 -j DROP
iptables -A spam -s 65.80.0.0/14 -j DROP
iptables -A spam -s 216.76.0.0/14 -j DROP
iptables -A spam -s 66.156.0.0/15 -j DROP
do you really think ashcroft and co give a rat fuck?
If your not a fortune 500 company or a huge donor to the Republican Party (tm), you dont even register on their radar.
Welcome to the Corporate States of America. (tm)
no, because its not bulk or commerical in nature. Also you have a "prior" relationship with your old classmate.
simple, i run my own mail service, so anytime some spammer pisses me off, i firewall his hosting service (or at least a good chunk of it, cogent just lost another /16 as we speak) from sending me further port 25 traffic. I do love iptables : )
also try porn sites, gambling sites, and more importantly, paste it on slashdot. My spam trap address here gets hit ALL the time, usually several times a day, which has helped me greatly in tuning my firewall.
heh, i wasnt saying asian countries were inferor (i love how if you block a certain country, your considered a racist), i was implying they have major spam problems. As the mail admin for about 20 or so domains, i see where the spam comes from. Yes, the US generates the most spam over all (and believe me, i block the spamming motherfuckers at sprint and bell south like you wouldnt believe, my firewall that pertains to spammers runs at 852 lines and growing). But on a per ip basis, the asian ip ranges tend to be the worst (though south america is making a run at #1).
The asian isps also (with notable exception of outblaze) tend to not respond to larts or spamcop notifications. Go to NANAE sometime and ask the regulars there how many of them block all of china, taiwan, hongkon, singapore, etc.
And finally, i checked the spam cop in progress link at about 1:05am pst time, and roughly 1/4 of all the references there at that time were from asian ip ranges.