[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

OT: *****SPAM***** Re: unstable is "unstable"; stable is "outdated"]

> > That is why we suggest that businesses use ORDB (http://www.ordb.com)
> > it blocks most spam, but ONLY blocks spam and very rarely legitimate
> > emails (we use this list for our personal emails too).
> ORDB (ordb.ORG) lists open relays, SPEWS lists spammers. Using ORDB is
> very effective for blocking spammers who abuse open relays, but SPEWS
> can stop the direct spammers and their hosts.

How are the spammers going to get their emails out? Most, if not all must
use open relays to send them out. Nowadays I think nearly all ISPs block
direct sending of email from their IPs (that is, they cannot send "direct
to MX" email anymore, they must use either their ISP's email servers, or
an open relay somewhere). I think this is a good move by ISPs as it is
effective and is technically easy to do (simple port blocking) so even the
smallest of ISPs can implement this.

Following that logic, it makes sense that if you block the method spammers
use to send out emails, then no spam will be sent out.

> Unless one's customers are clueful enough to be able to report spam
> I would recommend using relays.ordb.org and relays.osirusoft.com (or
> bl.spamcop.net when it is ready). I have found that my users are
> more understanding of the possibility of a legitimate e-mail being
> bounced when it comes from a bad source, than their e-mail address
> on a web site resulting in all sorts of dubious offers.

> Not in my experience. They block networks owned by spammers and they
> networks which host spammers. I have yet to see SPEWS block a
> user on a clean network. It is all too easy for spammers to spew from
> location while hosting at another, and SPEWS recognises that.


Perhaps this converstaion with a person who got "caught", just like others
in Spews, will enlighten you:

> I *do* believe some of Sprint's customers (not you) may be spamming. I
> not in the USA and not sure of the whole picture over there, but I do
> believe if a Sprint customer is spamming, you should block whatever the
> spammer is using, rather than block the whole ISP, and not care what
> happens.

Sprint just keeps assigning him new network blocks, safer to list entire
Sprint ranges, eg: -

Exactly.. when they block an innocent network to pressure a major
thay have crossed the line from being a good blacklist to being a tool for
extortion and libel.

What makes it worse is then they hide and don't take responsability.
Even Orbs had a contact email address.

What Spews has done is gone from a good guy to a bad guy in my book. No
blacklist is a good one if
if it blocks the innocent and refuses to remove them even though no spam
from them. Open relays.. yes. KNOWN spammer ip's and netblocks.. yes. A
whole class B
of a major provider "just to be safe".. NO. Spews is just going to hurt
just like ORBS did.

Spews goal should be the blockage of spam. If its main goal is to pressure
companies it does
not like it will get into trouble, again..just like ORBS did.

> > I have a friend who also does this. We both dropped spews because of
> > much legit mail being blocked. This was before all this happened..
> several
> > weeks ago we tried them for awhile.
> >
> > I bet that most nets don't use them just like we decided not too.
> Yes, and with additional information and facts sent to the remaining
> that do, they will probably drop Spews too. I'll check the logs and see
> any other prominent sites also use Spews, and I'll notify them too (not
> that i'd have much say compared to outblaze, but it's worth a shot, and
> a few more ISPs send these companies information like this, they would
> want to bother with Spews anymore).
> What do you think?

Thats a good plan and the one I am going to use. I will forward you a copy
of my letter when I can.

Now that Ive thought about this more I think Spews will dig its own grave.
The reason we are on their list is unjust and will cause others to drop
as the "word" gets out.


> > automated testing to block mail servers, rather than rely on the
> > of one or two unaccountable people with their own ideas.
> SPEWS is accountable to every person who uses SPEWS. If we don't like
> their decisions we don't use their list. At the moment it seems the
> number of people who use SPEWS is growing, because it is proving very
> effective at blocking spammers and encouraging networks to be more
> responsible.

Well, the sad fact is that most people do not take the time to fully
understand what is going on. Spews *sounds* like a good idea, until you
actually check the content of the database.

Anyway, if one chooses to continue to use Spews and/or other blocklists
that operate in such a fashion, then let them go ahead. Sooner or later
Spews will step on too many good people's feet, and things will come out.

Let us leave it to the reader to decide, based on the facts, as to what
blocklist to select from. There are many blocklists operating now besides
Spews, so the selection is wide and varied. Let us *NOT* start a flamewar
regarding this, as this is not he appropriate forum for such things, so
please do not relpy to myself nor the debian-ISP list.

Reply to: