how-to block ads
|
madylarian
The curmudgeonly
Premium
join:2002-01-03
Parkville, MD
| reply to K Patterson
Re: [Spam] Comcast reporting spam from my IP
said by K Patterson  :I don't understand, perhaps because I really don't know what listwashing is. Can you explain a little more? thanks, Listwashing means that the complaining addresses are removed from the spammer's list and the spammer just keeps on spamming because most people just delete rather than complain.
mady
--
Honi soit qui mal y pense | |
koitsu
Premium
join:2002-07-16
Mountain View, CA
1 edit | reply to funchords
said by funchords :But, please, calling koitsu a spammer is not customer support and nobody should be trying to explain why he should just live with it. It's a sign that something is broken and needs to be fixed. Thanks, your sentiments are greatly appreciated.
The part that frustrates me (and I apologise in advance if this sounds narcissistic): I'm the perfect candidate to work with Comcast to get this fixed. This is where having a good technical skill set comes into play.
I understand that by this point most of the support reps are probably attuned to "What is a trojan?? What do you mean my computer sent spam?? I just want my mail to work!" responses from customers. But I'm not one of those, and I did my best to make the Abuse guy aware of that fact (and he did acknowledge it). I was hoping it would establish a sense of trust.
It does appear that the reasoning behind why Comcast doesn't "work more with customers" on issues like this is because of either managerial red tape (paranoia), or legal aspects. I understand the "they don't provide details to minimise retaliation" aspect, and I can see the justification in that. But there needs to be some common ground established between the customer and the provider.
My reasons for being wary/untrustworthy at this point, I feel, are justified. I sincerely believe at this point, one of these is what's happening here. This is purely speculative, just for the record:
1) Outound mail (sent through Comcast's mail servers) are scanned on Comcast's systems using spam analysis software, and if the mail receives a high score, sets a "red flag" somewhere with Abuse/whomever to put an ACL on the account.
Along those same lines, maybe they use something like log analysis software and saw that within X number of minutes or seconds I sent X number of mails, and that caused a "red flag". This type of system is very common, and needs to be tuned appropriately to get accurate results; too sensitive and situations like this happen.
2) My use of smtp.comcast.net port 25, without SMTP AUTH, flagged me within Comcast as a "possible spammer". Of course I've been using this method for years, so I'm not sure what would have caused Comcast to get sensitive about it *now*.
3) An Abuse person at Comcast received either a falsified report of spam (e.g. modified Received: headers) and simply assumed what was shown to be true.
If this is how the process works, this is very, very bad. I want to believe the Abuse folks are able to go onto the Comcast SMTP servers and verify that the Comcast IP did in fact sent the mail, AND that the mail queue IDs match. How do I know they're doing that and not just blindly trusting what some Internet jhonka sends them? (This is why I said an experiment would be interesting.)
4) An Abuse person at Comcast received a legitimate spam complaint, but misread or typo'd the IP in the Received headers, causing them to go on a wild goose chase. "Oh look, this guy is using smtp.comcast.net port 25 with no authentication!", even though the report may not have been about me.
I can spend the rest of my life speculating, I'm sure.  It doesn't diminish the fact that this exact situation will happen to someone else. I'd love to work with Comcast to figure out what happened here, but their hands appear tied as I said before. | |
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
 ·Verizon Online DSL
 ·Skype
4 edits | A couple of years ago, someone decided that they could save Comcast money at the abuse desk and dreamed up this dominoes cum chutes and ladders method to replace some of the workload.
It's now part automaton, part scripted, part Sandvine (yes, that Sandvine), part server, part reputation score and the people that support it -- good people -- get a bit overwhelmed due to the strange set of rules that apply (a user is a spammer if he sends 11 mails in 10 minutes of 9 lines or more using 8 from addresses or 7 blank lines at the end).
Rather than admit mistake, an overwhelmed and powerless employee in certain anti-customer cultures do not respond by admitting surprise or enlightenment, they rather maintain their frustratingly defenseless position despite evidence, despite debate, despite conclusive judgments to the contrary. Powerless over the situation, there is no professional curiosity, nor co-ownership of the customer's problem. Criticism doesn't lead to change there, it leads to entrenchment.
The report, faked or forged? -- regardless. There are two active threads, one right next to each other. Comcast called both OP's "spammers." One guy sends 500 messages, perhaps UCE (perhaps double opt-in, we just don't know) but certainly not the spam problem common to the Internet. The other guy is you. Comcast cut you both off. If cutting the two of you off is fighting spam, then Comcast is bringing squirt guns to a forest fire.
And in both threads, helpful people (and sincerely so) trying to explain why what happened happened -- lost in the technical detail of what tripped what without regard to the view from just a few steps farther away: good customers are getting bad experiences. That's okay, it's just justifiable as "collateral damage" in a war to help ensure "a good experience for most of our users."
I, for one, am sick of it.
These aren't Freebie NetZero accounts. This isn't Hotmail (sorry). This is paid-for premium Internet service! Customers deserve better.
--
Robb Topolski -= funchords.com =- Hillsboro, Oregon
More features, more fun, Join BroadbandReports.com, it's free...
| |
bigchris
Do Not Shoot The Messenger
Premium,MVM
join:2002-04-29
Leesburg, VA
·Vonage
| reply to koitsu
Koitsu, Funchords, I didn't want to let this sit and become gospel truth because it isn't addressed.
Koitsu, I can assure you that your speculations are not accurate.
Funchords, your comment about sending rates that will get you labeled as a spammer as not accurate either, they are simply limits. | |
koitsu
Premium
join:2002-07-16
Mountain View, CA
| said by bigchris :Koitsu, Funchords, I didn't want to let this sit and become gospel truth because it isn't addressed. Koitsu, I can assure you that your speculations are not accurate. Funchords, your comment about sending rates that will get you labeled as a spammer as not accurate either, they are simply limits. I want to believe you bigchris , but the fact of the matter still stands: Comcast applied an outbound block on my modem for TCP port 25 due to "a report of spam", yet cannot actually provide me any evidence of it happening -- because all the evidence I have shows no such thing. My evidence shows there was no outbound SMTP spam sent from my connection on, or even around, September 2nd.
Why this matter concerns me so much:
Based on what you've told me earlier in this thread, what the Abuse individual stated isn't accurate -- what port you send mail through makes no difference regarding how Comcast handles spam reports.
This means that the *exact same situation could happen again*, which could in fact result in either 1) my inability to send mail from my Comcast service entirely (e.g. 25, 465, and 587 all get blocked), or 2) possibly termination of my service.
THAT is why I'm so concerned. I don't want it to happen again, and for that to happen, I need to know *details*, and work with someone, sharing evidence and being fair about it.
This *also* makes me question whether or not the Abuse person was telling me the truth when it came to his claim that the block was put in place "because of Comcast receiving a report of my IP sending spam".
It's to the point where I'd even be willing to sign an NDA (stopping further discussion on my part regarding this problem) just so I could get details on what happened. I realise this latter will probably make some forum folks say "Great dude, real great, just give in to the system and be a drone", but I'm trying to be reasonable, and I am worried for the above two reasons.
In no way shape or form am I complaining just for the sake of doing so -- I really am concerned/worried this situation will happen again. | |
bigchris
Do Not Shoot The Messenger
Premium,MVM
join:2002-04-29
Leesburg, VA
·Vonage
| Koitsu, I said your speculations weren't accurate, I didn't say that the Abuse dept lied to you.
We will not block your port 587 or 465. You need to authenticate to use those ports so in effect you are saying it's you that sent the mail.
Now if it turns out you have or ever are trojan'd and we deem it significant enough to warn you, we'll contact you directly via the phone. We've done this in the past many times when it's clear a customer has a serious problem.
Can we end this now please? | |
koitsu
Premium
join:2002-07-16
Mountain View, CA
1 edit | said by bigchris :Koitsu, I said your speculations weren't accurate, I didn't say that the Abuse dept lied to you. We will not block your port 587 or 465. You need to authenticate to use those ports so in effect you are saying it's you that sent the mail. Now if it turns out you have or ever are trojan'd and we deem it significant enough to warn you, we'll contact you directly via the phone. We've done this in the past many times when it's clear a customer has a serious problem. Can we end this now please? No, because this just induces even more questions.
What you're telling me in the above paragraphs is essentially the following: "if you use SMTP AUTH to authenticate yourself with our mail servers, regardless of port #, then we won't block you".
None of this explains what caused Comcast to 1) suddenly block outbound TCP port 25, and 2) tell me that I sent spam through their mail servers on September 2nd.
Why did Comcast not simply send me an Email stating "we see you are using smtp.comcast.net port 25 without authentication. You need to use authentication to utilise our mail servers. To force you into doing that, we've put up a block on port 25. You'll need to use ports 587 or 465, which require authentication, from this point on"?
Why did the Support (not Abuse) rep. I spoke to not tell me that? Why didn't the Abuse rep. tell me that?
Finally: yes, of course I "sent the mail", if by "sent the mail" you mean the 11 I sent on September 2nd. I already admitted to sending all 11 of those (non-spam) mails, through smtp.comcast.net:25. I'm telling you flat out, NONE of those mails are spam. I can gladly send you, or any other Comcast rep., all 11 of those mails, as well as all 11 log entries in my mailserver, and you can cross-reference the timestamps and the mail queue IDs. Like I said, *I* have evidence/proof that I did not send any spam, but Comcast is not willing to work with me to try and figure out what really happened.
Or was what I was told (re: "you sent spam") a lie, and it was really just an attempt to get me to use SMTP AUTH? If so, no problem -- just say that! | |
KookyMan
join:2001-09-09
Clio, MI
| The sad thing Koitsu, if you push that by providing logs of your mail server/etc, they will probably crack on you for running a mail server since that's "obviously not consumer use" (despite the fact that us geeks DO use servers in our residential environment.) Yes, I know its semantics since they aren't "public" servers, but you get what I'm prodding at. | |
-
|
