O Canada! > Canadian > TekSavvy > Argg.... UCEPROTECT... very frustrating!

Argg.... UCEPROTECT... very frustrating!

Seems like a dumb spam filter especially if they don't have any records to backup their claims and the info on their removal page is noting but insulting.

reply to R0CKY
What ignorant jackasses over there...

We have very bad news for you: It is not you, it is your complete provider which got listed.
Your IP xxxx was NOT part of a spamrun, but your provider seems to believe that spam is what the internet was made for.
By tolerating your provider doesn't care about spammers you are also supporting the global spam.
If all people would boycott spammerhaevens, spam-friendly providers wouldn't even exist.

Please send a compliant to your provider and request him to fix this problem immediatly.
Think about this: You pay him for, that you can use the internet without problems.

If he ignores your complaint or claims he can't do anything, you should consider to change your provider.
Don't accept to be fooled. If your provider really wants to stop spam he would install preventive measures.

reply to R0CKY
Agreed. I would ignore it, I doubt anyone smart actually uses their filter.

reply to R0CKY
Well I mean, charging 250 euros to delist yourself? They are stupid, and I know nobody who uses them. They try to make themselves look like some kind of experts.. yeah expert ripoff artists.

reply to R0CKY
I wouldn't worry about them too much.... but Rocky, I thought you guys were only allowing port 25 outgoing on static IP's anyway?

When I first got started with you guys, Steve did a quick "audit" of sorts to make sure my mailserver wasn't going to be spamming the world, granted you've grown exponentially since, but I'm assmusing* that most new joins have dynamic IP's, and I thought you were blocking port 25 on those anyway?

Blocking an entire AS over 130 *reported* IP's "spamming" is dumb anyway.

* In the end, I know about what happens when you assume...
--
Windows is the virus. Linux is the vaccine, FreeBSD is the CURE

Is port 25 currently open for all or static only?

reply to R0CKY
I'd take a "wait and see" approach to this IMHO.

And, by "Wait and see", Wait and see if you get any complaints about people not recieving their emails from people.

Its a decidedly german filter, but...you know if you don't hear from anyone, then I'd say continue as usual...please don't succumb to blocking port 25 for everyone, maybe auditing those people who did show up on the list and have someone call them would be in order...

Its like punishing the whole class and not giving them Phys Ed. because 1 or 2 kids out of the class of 25 were mis-behaving. (I'm sure this doesn't happen now, but did happen in the 80s when I was in school as a kid lol)...

Take the 1 or 2 kids and put them in a timeout...if there's only 130, it shouldn't take long to get their attention.

reply to R0CKY
Woah woah R0CKY...

Better not be blocking 25 otherwise I'll be packing bags in a second along with a pile of other accounts. That's one of the simple things that I absolutely *CAN'T* have.

I agree these guys are total BS and should be publicly flogged though. Hope there's a way around them. I know myself I NEVER use their lists because of shit like this.
--
Justin - DSLR resident grouch and Mr Negativity
Have a nice day!

If we block port 25 it would likely be the dynamics only with opt-out... Will be meeting with Marc to discuss this further this morning.

reply to R0CKY
I'd contact the people who are on those IP's since its a small amount.Tell em to fix thier shit or just block 25 for them.

reply to R0CKY
So, this does lead into some things that are simply good to do. Like it or not, UCEPROTECT does highlight a good point, we need to do more to protect "others" on the net. For the large majority of our customer, they don't need port 25 to be open. Which, is the primary source for spam on the internet in general. By leaving port 25 wide open like it is now, when any of our customers get infected by a virus or spy ware, their computers then become a massive spam spewing machine and our network a spam host.

With this in mind, the plan is to start implementing port 25 blocking on all dynamic accounts. To be removed from the block list you can either get a static IP or ask to be removed.
--
TSI Marc - TekSavvy Solutions Inc.

reply to R0CKY
While you're at it, can you consider blocking 135 139 and 445? They really have no business being on the public internet.

phux0red# pfctl -sl | grep microsoft
fuck-microsoft-135 103002 278 14168 278 14168 0 0
fuck-microsoft-139 84279 20 972 20 972 0 0
fuck-microsoft-445 84259 573 29748 573 29748 0 0
 

yeah we also have been talking about that.. we'll see how port 25 goes first.
--
TSI Marc - TekSavvy Solutions Inc.

reply to R0CKY

135 and 445 are used by AD. Not sure about 139.

I would imagine they could add exceptions the same way as for smtp.

Network Ports Used by Key Microsoft Server Products:
»www.microsoft.com/smallbusiness/···rod.mspx

reply to zacron
These ports (135, 139, 445) should NEVER be routed out of a LAN. It's absolutely one of the worst ideas. Security wise, you have opened yourself up to a HUGE hole. I would seriously be surprised if your machines aren't infected. You really do need a VPN....your domain controller should never be published directly to the internet.

reply to zacron

reply to fcisler
No, The domain controller itself is not on the internet, just the one port, which I cannot remember is open to allow me to query the AD using LDAP from a remote location... It is fully protected and firewalled, and the exception is only made for the one remote ip address. (Thank god for linux).

Cheers,

Zacron