[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [Fwd: Re: Spamassasin over RBL, was Re: rblsmtpd -t?]

> >
> > Using your mentality, then everything always gets escalated to the
highest
> > point (since everyone below the top-most ISP is essentially a
customer).
> > So... essentially, the highest point is nearly always the network
> > provider... UUnet, Level3, MCIWorldcom... whomever owns the actual
> > physical cable.
> >
>
> Calm down and think it through.
>
> There is a chain of responsiblity and any incident can be escalated.
>
> If ISP1 is on Sprint and ISP1 takes no action about
> spam from spammer-leaf-node-on-ISP1, then one needs to escalate to
> Sprint to take action to enforce aup on ISP1.  If it turns out that
> sprint pipes mail to abuse@ into /dev/null, or even has a yellow
> contract with ISP1 that permits spam, then what?  Or it might be
> that an ISP is trying to do something about a customer (monsterhut)
> or is just half-assed.  Maybe you use rfc-ignorant.

I understand completely on what you are trying to say. Naturally, if a
downstream customer of, for example, UUnet, refuses to take any action
against their spamming users, then UUnet must step in to do something.

However, my point is... on the actual size of the "customer". For
example... if the customer was small ISP with 500 users, then 100 spam
complaints against that small ISP would obviously mean something is
seriously wrong with that small ISP (technically, or otherwise), and UUnet
would be justified in either cutting off the small ISP or doing other
similar actions.

If the customer was a large ISP with 5M users, then 100 spam complaints
doesn't seem so many when you look at it from a top-down picture, and
UUnet may not be justified in cutting off that large ISP for those
complaints, EVEN THOUGH the number of complaints is the same as the small
ISP. Now... if the complaints were 10,000, then obviously they have a
problem... if you agree with this thinking, then we are thinking along the
terms of ratios and mail volumes, and then we start looking at the methods
employed by RBLs like Spamcop.

Hence, it makes sense that large customers (such as large ISPs,
Universities, etc.) are given more breathing room regarding complaints,
and are allowed to handle this more.

Does this make sense?

>
> It's also possible that your standards might not jibe with everyone
> elses.  Me, I think any site sending email that will not accept bounces
> deserves to go into RBL.  Not everyone would even qualify such email
> as spam, but we do.

I thought there was more-or-less a standard "definition" of "spam"...
unsolicited bulk email. Are bounces going to /dev/null, or such,
unsolicited bulk email? Perhaps I am mistaken regarding the definition.

> You might decide that your customers cannot live without Sprint.  You
> might decide that they cannot live **long term** with such actions.  Or
> you might give them a choice.

Well... if it was personal email, i could probably accept it.

For business email, even a few missed customer emails would be more than
unacceptable.

So RBLs that employ "netblock"-wide filters are unacceptable... only ones
that target specific IPs would do well as they, obviously, would have less
effect that a block on a whole ISP like Sprint. That would mean more spam
gets through, but as a business, i think that is better.

Jason


-- 
To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
Reply to: