[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: How I killed spam without TMDA

Kirk Strauser wrote:
> I feel badly that your ISP has taken on a spammer as a paying customer,
> and that it is causing problems for you and their other legitimate
> customers, but it seems as though the blacklist is returning accurate
> information.

    Technically, yes.  It is returning a broad spectrum and saying "there are
spammers in here, somewhere".  But the way it is applied (via your
configuration) is having the effect of "all mail from here is spam".  All cats
are animals, not all animals are cats.

    That is why I said in my initial reply that I prefer to use RBLs to add
weight to the argument a message is spam but not as a sole pass/fail test of
the message being spam.  You could easily move those checks into the
SpamAssassin phase where that is exactly how they are treated.

> I trust that you're not a spammer, but my mailserver has a
> pretty good (and seemingly valid) reason to believe that mail originating
> from your netblock is likely to be spam. 

    But it wasn't, was it?  That's why you used the words "likely to be spam"
but your filtering does not reflect that.  Your filters are saying it *IS*
spam and therefore you're risking getting false positives.

> Have you screamed at your ISP yet?

    Yup, loudly.  I'm not the first nor will I be the last.  And no, it isn't
my ISP.  I am leasing a machine from ServerPronto which is linked to a company
that does house spammers.  My ISP (in this case, Cox) doesn't even let their
own customers send out on 25 much less run a mail server.

    Anyway, to explain (since yeah, clearly I knew the block was there) I had
leased a machine from another company up in Seattle, forget the name.  They
had the absolutely worst record on connection and uptimes.  I often would have
2-3 hours of 80-90% packet loss in the middle of the evening becuase they
couldn't figure out how to cap other people on the same segment.  After being
moved 3-4 times I had enough and started searching for another place to lease
a machine.

    Finding places that lease out decent Debian boxes for fairly cheap is not
easy.  I had narrowed it down to Managed.com and ServerPronto.  Managed.com
was $60/month for the same machine and twice the bandwidth as the ServerPronto
box.  Since my domain didn't require the bandwidth that wasn't a concern.
ServerPronto was $150 setup and $30/month.  Larger cost up front, lower cost
over time and I planned on keeping any leased machine running until it fell
over.  Also on all the research I did on the two companies Managed.com had
lots of complaints against it while ServerPronto did not.

    So I ordered the ServerPronto box, moved my domain over and was happy
until about a week later when I tried to mail the Exim list and was rejected
for the spamhous block.

    Lesson learned.  When leasing machines check the netblock you'll be in
against the RBLs.  :(

    I bitched to them and they said, flat out, "We can't control what they
do."  So they don't want to eject the spammers.  I plan on riding it out until
the 6 month mark.  That's the point where the cost between Managed.com and
ServerPronto breaks even and neutralizes my mistake.  I'll then look-up
Managed's netblock, look around for any other services offering Debian boxes
and move.

         Steve C. Lamb         | I'm your priest, I'm your shrink, I'm your
       PGP Key: 8B6E99C5       | main connection to the switchboard of souls.

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: