BPremium,MVM
join:2000-10-28 | reply to jspreha
It Hit SlashdotHey hey, it's on Slashdot now!
»yro.slashdot.org/yro/04/01/21/01···6&tid=95
-- B |
|
| reply to nil
Re: Why not to use SPEWS slashdot says hi. just want to get in before the flood of anonymous lamers!
good luck with this. |
|
|
|
 DanielPremium,MVM
join:2000-06-26
San Francisco, CA | reply to nil
The SPEWS debacle... Ah...the power of the Internet. I see change on the horizon, and it's headed this way...
--
"Luck is the residue of design." - Branch Rickey |
|
DanielPremium,MVM
join:2000-06-26
San Francisco, CA
1 edit | reply to alliozzzz
Re: Why not to use SPEWS said by some anonymous guy:
slashdot says hi. just want to get in before the flood of anonymous lamers!
...said the guy who posted anonymously.
--
"Luck is the residue of design." - Branch Rickey |
|
| reply to nil
To the person who said that spamassassin is better Many companys who get upwards of gigabytes of pure spam daily. To them, post-reciept filtering is not an option. The spammers have wasted their bandwidth to delever their spew. All that spamassassin does is stop the recepient from reading it. The only option to save bandwidth is to DENY suspected ip addresses from DELEVERING IN THE FIRST PLACE. Spamassassin can be used as a second-level line of defence for everything else that gets past trusted lists (spamcop, spamhaus etc). If you paid per megabyte you would be doing this too.
Oh, and anyone blocking on L2 is dumb. Get in contact with the clueless admins of any server that bounces your mail. Chances are BBA should remain largely unaffected. |
|
| reply to nil
Re: Why not to use SPEWS Said by Captain Bob
We all know what "collateral damage" means don't we? It is unavoidable in a war (just ask Dubya), and anti-spam operations amount to a war.
That said, it is the "primary" victims which we should be more (primarily) concerned with. The thousands upon thousands of innocent victims who are inundated with porn, viruses, trojans, and lost bandwidth, not to mention the BILLIONS of dollars lost each year due to the spam/uce plague.
The number of secondary victims pales greatly in number compared to the primary victims!
Let's see how you'd like this attitude if, for example, the FBI decided to detain all ISP administrators from Clueless, Idaho or wherever you are from, based on the actions of one anonymous culprit who happened to be tracked to your particular geographic region. What makes you think that a business which provides the livelihood for employees, services for its clients, and in turn the client's livelihood has less of an impact than some people get an X10 camera ad in their email.
(employee/business failure vs some percentage of email that can be filtered in a wide variety of ways)
You are in effect using a shotgun to open a window, with no care for the damage you do. A disclaimer that you are ignorant and illogical does not excuse the behavior.
While I am not a lawyer I suspect that a person who;
1. makes wildly inaccurate assertions,
2. in a publicly accessible forum,
3. as a means of coercing others
is commiting fraud, libel, and extortion (in that order).
I pray you have a better argument prepared on the day that you try this with someone with abundant and aggressive legal representation. When they finish having you shutdown as an accessory they could probably pursue a counter suit for any documented losses. I wouldn't expect them to actually try to get money from you; the 15 minutes it takes them to file one more paper would simply require you to spend your time and money to stay afloat.
You give anti-SPAM efforts a bad name. |
|
| Let's see how you'd like this attitude if, for example, the FBI decided to detain all ISP administrators from Clueless, Idaho or wherever you are from, based on the actions of one anonymous culprit who happened to be tracked to your particular geographic region. What makes you think that a business which provides the livelihood for employees, services for its clients, and in turn the client's livelihood has less of an impact than some people get an X10 camera ad in their email.
Not a good comparison. Not at all. A better comparison would be, based on the actions of one anonymous culprit from your area, the FBI issued a warning 'Be wary of people from Clueless, Idaho. One of them has done bad things.' And businesses turned away people from Clueless, Idaho becuase of this warning. It's the businesses that have the power of the acceptance or denaial here.
It's amazing how many times I've seen people blame a BL for the blocking of e-mail. They provide a list. Pure and simple. Just a list. They do not stop the flow of e-mail, they can't.
I think someone else mentioned this, but if you don't like SPEWS, just make a public campaign showing mail server admins why they shouldn't block against SPEWS.
That being said, as a mail server Admin, I do NOT use Spews. Our company policy is that we'd rather err towards extra spam than blocking a legitimate e-mail. And if you actually want my honest opinion, I think word parsing filters seem to be the best defense so far. About 25% of our incoming mail is stopped by our content filter, and think our false positive rate is about 0.1%. The BL filters catch something like 5% of our incoming traffic, but the way they're tweaked, I'm kind of light-handed with that enforcement effort, but the plus side to the light-handedness is that I think I've had one false positive in the past 4 months. |
|
| reply to nil
I have to say that I am NOT defending NAC or any other ISP/Hosting provider that is being blamed as a spam friendly provider. HOWEVER, I can say that a lot of the time there are false reports created that end up causing ISPs, Hosting providers, etc, to be listed. I currently do out-sourced support for some 300 servers and 80 thousand end users and we have to deal with spamblocks on a daily basis because of some a$$clown. But after we do our research, check our logs...more often then not we find that they didn't do it.
If people want to use spam lists as a guideline, great. But take it with a grain of salt. Blindly blacklisting because some 3rd party service says to is lame and I feel unprofessional. I remember the good old days when Sysadmins actually did their own work/research to blacklist appropriate people/providers. Its a shame that those days are all but gone. |
|
| reply to nil
Re: Most spammers not in US detroit, MI USA anyone?
you know who i'm talking about. |
|
 nilJava Geek
join:2000-11-27
kudos:1 | I must be clueless or before my second cup of coffee.. because I don't have the teeniest bit of an idea as to who you may be talking about.
--
Life is too short to be boring |
|
| reply to MidwestWebHoster
Re: Why not to use SPEWS It's amazing how many times I've seen people blame a BL for the blocking of e-mail. They provide a list. Pure and simple. Just a list. They do not stop the flow of e-mail, they can't.
What an amazing attitude!
You know, Hitler didn't personally gas any Jews or Gypsies. He was nowhere near the concentration camps, so he couldn't have.
Does that make him innocent? |
|
| No, because Hitler ordered it done. I don't see SPEWS ordering me to use their list as a part of my spam filtering solution on my e-mail server.
Had Hilter wrote a list of ethnic groups he didn't like, then a bunch of his followers went out and killed them all on their own, technically speaking I believe Hitler would be innocent of any wrong doing. But that wasn't the case, he wrote a book about it and then ordered it done. |
|
| reply to nil
Have you thought about the reason you're listed? Been reading this and I find it funny that while everyone wants to bash SPEWS for listing the IP range, no one wants to address the fact that NAC is spam-friendly...
if the number of posts in this thread were equaled by the number of emails to the NAC support staff to complain about the spammers they host, there might actually be something done about them... |
|
| reply to nil
Re: Why not to use SPEWS Godwin's law has been invoked... and the discussion was just getting interesting  |
|
shorejPremium
join:2002-07-22
Wichita, KS | reply to nil
You people amaze me. You provider is supporting spam by hosting a very well known spammer, which you profess to be against, and yet you have the gall to bitch and moan when a blacklist operator lists your spamming provider (and effectively YOU). What's wrong with this picture? You shouldn't be complaining to SPEWS about the listing. You should be complaining to the cause of the listing: Your Spam-Supporting Provider. They are the only folks that can right the wrong because it's their wrong. It's as simple as that. If you don't like being blacklisted then you shouldn't use the services of a Your Spam-Supporting Provider. This isn't rocket science folks. Hell this isn't even as hard as changing the VCI/VPI on a Cisco 675. |
|
shorejPremium
join:2002-07-22
Wichita, KS | reply to Steve
I'm a SPEWS subscriber. Always have been. Always will be. In all my years of professionally filtering spam, I have yet to find another DNSBL that was as effective as SPEWS. The problem isn't SPEWS. The problem is DSLReports.com bought the services of a Your Spam-Supporting Provider. They should expect nothing less than their provider to be blacklisted if DSLReports.com is as anit-spam as the profess to be. |
|
LrdVaderPremium
join:2003-12-18
San Diego, CA | reply to nil
Re: Most spammers not in US said by nil:
I must be clueless or before my second cup of coffee.. because I don't have the teeniest bit of an idea as to who you may be talking about.
I suspect Alan Ralsky:
»www.spamhaus.org/rokso/listing.l···20Ralsky |
|
nilJava Geek
join:2000-11-27
kudos:1 | Aye, it's been pointed out to me.. all this fighting of trolls has kept my mind cloudy. A thousand pardons for my ignorance.
--
Life is too short to be boring |
|
| reply to TamaraB
Re: Why not to use SPEWS The problem, Captain Bob, is while the US Military attempts to _avoid_ collateral damage, SPEWS deliberately causes it, by using "area effect" blacklisting when they have at their disposal "precision guided" blacklisting. The idea is that the people they blacklist that way will put pressure on their real targets. |
|
| reply to nil
I've had dealings with spammers on NAC's network before - complaints to NAC simply get forwarded to the spammer by NAC (automatically, in fact). NAC doesn't seem to do anything other than that. For example, one time I complained 7 times about ongoing spam from one NAC customer - I didn't stop getting the spam until that part of NAC was listed by Spamhaus SBL (which my ISP uses).
Based on what I see in SPEWS S2814, and my guesses as to how SPEWS operates, this is probably the sequence of events ... SPEWS admins saw that NAC was doing nothing about spam from 66.246.48.0/24, so they listed that block. The spam continued, complaints continued to be ignored, so SPEWS escalated the listing to 66.246.64.0/18. (That doesn't include 209.123.109.175, that's listed in level 2 - "keep your eye on this, but don't block email".) Yes, using SPEWS at this point *will* cause legit, non-spam email to be rejected.
I suspect SPEWS operates this way because ISPs like NAC simply won't do *anything* about abuse from their network until the rest of the internet community becomes outraged and traffic from the offending network is widely blocked. If NAC would get off their lazy butts and take reasonable action on complaints of abuse from their network, they wouldn't find themselves escalated in SPEWS.
The owners of DSL Reports would do well to find a more responsible service provider than NAC.
If you agree with SPEWS tactics, then use SPEWS on your mailserver. Evidently many companies and mailserver admins do agree with SPEWS tactics.
Starting a media campaign won't do any good, unless it prods NAC into cleaning up their network. Someone mentioned the "Something Awful" media campaign when they were in SPEWS... I remember that... Sure, flooding news.admin.net-abuse.email with a DoS is a good way to get admins all over the world on your side - NOT! I know a lot of mailserver/network admins who promptly added Something Awful to their private blacklists/router blocks in response to that attack on the newsgroup.
But back to the point - the problem is not SPEWS, SPEWS is a sometimes drastic attempt to solve the problem where other solutions fail. The problem is ISPs that knowingly and willingly host spammers. NAC seems to be such an ISP. The only solution I see for DSL Reports - Find a more responsible ISP. |
|
