how-to block ads
|
Suffering
Retrovertigo
Premium,VIP
join:2004-03-06
127.0.0.1
clubs:
1 edit | reply to JJV
Re: SORBS got my buddy
I see your point. That said, how can you say it's accurate when it is blocking legitimate email that isn't from a spammer.
Certainly the spam issue needs to be resolved but honestly I don't think sorbs way of doing it works long term.
For instance Grandma gets some nasty software installed on her computer and she's a spam zombie. She has a dynamic IP address. Her ISP warns her and asks her to remove it from her computer (even provides links on how to do so), meantime someone has reported her spam to sorbs. Grandma power cycles her modem, pulls another IP address... more spam more reports to sorbs. ISP gets reports as well, deactivates accnt... grandson comes over and uninstalls his Kazaa and says it's gone, ISP reactiaves accnt... IP address #3. More spam, more dynamic IP addresses blocked by sorbs until grandma is finally told she will need to find another ISP.
So, sorbs has blocked several completely legitimate dynamic IP addresses and then wants the ISP to contact THEM in order to verify that it's a dynamic IP address.
Sorbs has no authority to make such requests to have the ISP's contact them.. I understand the concept, but if they want it to truly be accurate THEY should setup communication with the ISP's. If the ISP is responsible and takes care of it then there ya go. If the ISP says that they like spammers, then sorps steps in... otherwise it seems like too rash of a decision.
--
Positive Affirmation Of Creative Destruction | |
Steve
I'm a PC, so shut up
Consultant
join:2001-03-10
Yorba Linda, CA
| said by Suffering  :I see your point. That said, how can you say it's accurate when it is blocking legitimate email that isn't from a spammer. A list of dynamic IPs is not a list of spammers; it's just a list of dynamic IPs, and it's usually maintained separately from the list of actual spammers. Mailserver owners can choose to subscribe to whichever lists they like: they can figure out the cost/benefit ratios for their own tastes.
Generally speaking, people with dynamic IPs have a low ratio of legit to bogus mail servers, so it's not a bad plan at all to block. There is no way to block all the spam and keep all of the regular mail, so there is going to be some fallout. The guy who owns the mailserver gets to make that call, not grandma.Certainly the spam issue needs to be resolved but honestly I don't think sorbs way of doing it works long term. Then I guess you won't be installing it on your mailserver, now will you?So, sorbs has blocked several completely legitimate dynamic IP addresses and then wants the ISP to contact THEM in order to verify that it's a dynamic IP address. Grandma should be sending email through her ISP's mailserver; if she wants to run her own mailserver, get a static.
Sorry.
Steve
--
Stephen J. Friedl • Unix Wizard • Microsoft Security MVP • Tustin, California USA • my web site | |
Suffering
Retrovertigo
Premium,VIP
join:2004-03-06
127.0.0.1
clubs:
| Steve I didn't say dynamic IP = spammer. I've had a dynamic IP with my dsl for nearly 5 years. Sorbs doesn't just block people running their own mail server... and sometimes people get infected with malware that sends out spam (I'm sure you know this, just saying), and sorbs will block ISP's dynamic IP's that people might have been pulling when they were a spam zombie... even ISP's who are quite vigilant about keeping spammers off their network.
--
Positive Affirmation Of Creative Destruction | |
|
