how-to block ads
|
scooby
Premium
join:2001-05-01
Schaumburg, IL
| reply to mbnva
Re: [E-mail] Microsoft Hotmail Blocks Comcast Traf
Hard to blame them if it is for spamming. Comcast is generally ranked in the top 3 of the biggest spammers in the US. They do not seem to actively pursue spammers either.
»www.spamhaus.org/statistics/networks.lasso
»www.senderbase.org/ | |
MrBradTX
join:2001-05-23
Carrollton, TX
 ·RoadRunner Cable
| said by scooby  :Comcast is generally ranked in the top 3 of the biggest spammers in the US. If true, it's hardly surprising, since they are also ranked in the top 3 ISPs in terms of number of users. | |
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
 ·Pacific Bell - SBC
1 edit | said by MrBradTX :said by scooby :Comcast is generally ranked in the top 3 of the biggest spammers in the US. If true, it's hardly surprising, since they are also ranked in the top 3 ISPs in terms of number of users. That is a lame excuse. Comcast is No.1 in HSI customers, No.3 in spam abuse; SBC is No.2 in HSI customers, No.1 in spam abuse. Right from the gitgo you can see that there is no correlation between size of customer base and spam. There are are 61 entries for Comcast in the Spamhaus list, 91 entries for SBC in the Spamhaus list. Let us break them down:
Comcast SBC
-----------------------------------------------------------------------
Proxified
Residential 25+ 5
Customer
-----------------------------------------------------------------------
ROKSO 17 32
Other 18 54
-----------------------------------------------------------------------
Non Resident Total 35 86
-----------------------------------------------------------------------
Residential Total 25+ 5
-----------------------------------------------------------------------
Grand Total 61 91
HSI provider No.1 Comcast - 7,705,000 subscribers
HSI provider No.2 SBC - 5,968,000 subscribers
»www.leichtmanresearch.com/press/···ase.html
...and here is more subscriber data:
»isp-planet.com/research/rankings···005.html
Now let's do some math. Ratio of ROKSO spammers to total spammers:
Comcast: 17:61, or ~28%
SBC: 32:91, or ~35%
Comcast: 35:61, or ~57.3%
SBC: 86:91, or ~94.55%
Ratio of, presumably (the figures don't detail, but the Spamhau list of assigned IP addresses seems to support) mostly residential customers to total spammers:
Comcast: 26+:61, or ~42.6%+
SBC: 5:91, or 5.5%
One more comparison is in order:
The ratio of Comcast HSI customers to SBC HSI customers: 1.28:1
The ratio of Comcast HSI spam spewing customers to SBC HSI spam spewing customers: 5:1
Any way that you look at it, based on HSI customers, Comcast, which doesn't block outbound port 25, is way ahead of SBC, which does block outbound port 25, when it comes to open proxy spam from infested residential customer computers. So stop blowing smoke about how Comcast leads in spam abuse because they lead in customer base.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum | |
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
 ·Skype
| said by NormanS :The ratio of Comcast HSI spam spewing customers to SBC HSI spam spewing customers: 5:1 Any way that you look at it, based on HSI customers, Comcast, which doesn't block outbound port 25, is way ahead of SBC, which does block outbound port 25, when it comes to open proxy spam from infested residential customer computers. So stop blowing smoke about how Comcast leads in spam abuse because they lead in customer base. I like that Comcast doesn't block port 25. I connect to an outside server every day, and I haven't done anything wrong. To me, this is a big deal.
Comcast does block port 25 for compromised systems. It's whack-a-mole, to be sure, but it works without punishing customers who run AV, keep their systems patched, don't download crap, and usually run with minimum system privileges.
--
Robb Topolski  http://www.funchords.com/  Hillsboro, Oregon USA
... How much spam would a spam clan spam if the CAN-SPAM could can spam? ... | |
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC
| said by funchords :I like that Comcast doesn't block port 25. I connect to an outside server every day, and I haven't done anything wrong. To me, this is a big deal. Comcast does block port 25 for compromised systems. It's whack-a-mole, to be sure, but it works without punishing customers who run AV, keep their systems patched, don't download crap, and usually run with minimum system privileges. I don't like that I get so damned many connection attempts from unblocked Comcast customers to my MX server. If I didn't have friends on Comcast I'd just block them at the firewall.
You don't need port 25 to use outside servers. I use outside servers that listen on port 465, or on port 587. Port 25 was never intended for email message submission; and the sooner we stop mis-using it, the sooner the spammers won't be able to abuse it.
You gotta be kidding, right? Comcast port 25 blocks are completely ineffective. They go in place for 48 hours, then they are lifted. If the blocked customer actually uses a mail client, they might notice; but I know a lot of people who don't even know what a mail client is. Those who rely entirely on the Comcast web mail service will never know when they get blocked, and, thus, never know that they need to clean their infected systems. Idiots.
said by scooby :Norman you are forgetting T1 customers. SBC has a huge lead in the number of business customers and those get infected as well. Then why aren't they showing up in the Spamhaus stats? Why aren't they showing up in my mail logs. Both the Spamhaus stats, and my mail logs tell me that you are wrong.
said by scooby : reply to mbnva Re: [E-mail] Microsoft Hotmail Blocks Comcast Traffic I dont get the argument on size/spam rank. Maybe more spammers are chsi cust. But the more cust you have, the higher chances for more spammers. You didn't even look at the numbers. There is no correlation to how many customers you have and how much spam you send.
Comcast only has 1.3 times as many customers as SBC. Comcast has 5 times as many compromised customers, with spamming Trojans, as SBC has.
And you haven't seen the end of the spam blocks. Yet.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum | |
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| said by NormanS :You don't need port 25 to use outside servers. I use outside servers that listen on port 465, or on port 587. Port 25 was never intended for email message submission; and the sooner we stop mis-using it, the sooner the spammers won't be able to abuse it. I wish I had 465 or 587 ... but my outside provider doesn't and won't (I've asked).
But what do you mean about port 25 never being intended for email submission? That's been the port since I've been on the net ... more than 10 years now.
--
Robb Topolski http://www.funchords.com/ Hillsboro, Oregon USA
... How much spam would a spam clan spam if the CAN-SPAM could can spam? ... | |
BlaZeR2
join:2001-05-28
Taylor, MI
| reply to NormanS
Maybe i am not following this correctly, but you say that Comcast has 5 times as many compromised customers as SBC, but that isn't true. They have 5 times as many compromised RESIDENTIAL customers as SBC. If you include non-residential, SBC has 1.5 times as many compromised customers (overall) as comcast.
Is this correct, or am I misunderstanding something, the thread isn't just about residential customers but customers as a whole? | |
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| reply to NormanS
said by NormanS :Comcast port 25 blocks are completely ineffective. They go in place for 48 hours, then they are lifted. No, they go into place and stay in place until the customer contacts the abuse dept.. I've seen the letter posted in this forum.
--
Robb Topolski http://www.funchords.com/ Hillsboro, Oregon USA
... How much spam would a spam clan spam if the CAN-SPAM could can spam? ... | |
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC
| reply to BlaZeR2
said by BlaZeR2 :Maybe i am not following this correctly, but you say that Comcast has 5 times as many compromised customers as SBC, but that isn't true. They have 5 times as many compromised RESIDENTIAL customers as SBC. If you include non-residential, SBC has 1.5 times as many compromised customers (overall) as comcast. Is this correct, or am I misunderstanding something, the thread isn't just about residential customers but customers as a whole? I don't even know where you are getting that "1.5 times as many compromised customers". SBC has a large number of commercial spammers who actually pay SBC for connectivity for spamming. Those costumers are not "compromised", they are paying SBC for the privilege of spamming. They comprise roughly 95% of the total spamming reported by Spamhaus as coming from SBC IP addresses. These guys are actually running MTAs on their IP addresses. SBC abuse doesn't do squat about them because they pay enough money that SBC sees them as a revenue stream. You wouldn't want to kill the goose laying the golden eggs, would you? Well, neither does SBC. (Not that I agree with that position; if I were paying the HSI bill here, and not the landlady, I would switch to DSL Extreme, or Speakeasy, in a heartbeat! And tell SBC why I am leaving when I leave. Alas...And I have spent too much time bitching in the SBC private NNTP groups; I have a reputation there, but it isn't the best.)
The "compromised" customers are mostly residential customers; the ones who get the spamming Trojans installed on their computers. About 95% of them would never miss port 25 if it was blocked. The latest crop of them are probably like my Comcast sister, or SBC Yahoo! DSL Service cousin; the former doesn't use an email client, preferring to use the Comcast Web email interface, the latter was happy not to lose his Yahoo! Mail Web access. Neither would ever notice a port 25 block. These make up the bulk of the proxy spam. Comcast has only ~1.3 times as many of these customers, yet ~5 times as many of these customers are spewing spam from the Comcast network.
said by funchords :But what do you mean about port 25 never being intended for email submission? That's been the port since I've been on the net ... more than 10 years now. »www.faqs.org/rfcs/rfc2821.html
This describes the "Simple Mail Transfer Protocol". Mail transfer, as in forwarding email from MTA to MTA until the destination. Unless you are running an MTA, you don't need port 25. The fact that port 25 has been used for message submission up until now doesn't mean that port 25 was always intended for messages submission.
»www.faqs.org/rfcs/rfc2476.html
Dated December, 1998, so it goes back a ways. This describes "Message Submission", as in injecting email into the SMTP session. It has been around long enough that mail administrators should be aware of it. Any mail administrator who refuses to implement RFC 2476 is being a "stubborn ass". It isn't hard to do. It is just, well, not "traditional". Not more than ten years old, to be sure; but not invented yesterday, either. Somebody foresaw the need for authenticated message submission seven years ago; just about two years after the first inkling of trouble with spam. If every email provider used authenticated message submission on port 587, as described in RFC 2476, then proxy spam would be as much a thing of the past as relay spam is now.
As for a provider refusing to implement an RFC; I would recommend them to "RFC Ignorant", for a listing!
»www.rfc-ignorant.org/
And look elsewhere for email service.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum | |
funchords
Hello
Premium,MVM
join:2001-03-11
Washington, DC
·Verizon Online DSL
·Skype
| So everyone who accepts submissions on port 25 is RFC ignorant? I think espousing that position is rather ignorant.
What do you think RFC means? There are plenty of RFCs that never 'took.' It is guidance, and I believe in them, but current and prior practice is also guidance.
--
Robb Topolski http://www.funchords.com/ Hillsboro, Oregon USA
... How much spam would a spam clan spam if the CAN-SPAM could can spam? ... | |
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC
1 edit | I am beginning to feel the way that Dr. Ignaz Semmelweis must have felt...
»inventors.about.com/library/inve···tics.htm
"Current and prior practice" is not always the best practice.
(Or, maybe...Brigadier General Billy Mitchell)
How ironic; the "fortune" that BBR displayed as I was being taken back from posting:
Random fortune (from food)
Sacred cows make great hamburgers.
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum | |
JeezuzCheezuz
@208.17.x.x | reply to NormanS
Wow, you are passionate about your SPAM huh? | |
NormanS
Premium,MVM
join:2001-02-14
San Jose, CA
·Pacific Bell - SBC
| said by JeezuzCheezuz :
Wow, you are passionate about your SPAM huh?
SPAM is very delicious, IMHO. Hormel has a winner of a product with SPAM.
--
Norman
~Oh Lord, why have you come
~To Konnyu, with the Lion and the Drum | |
Rick C
@comcast.net | reply to NormanS
This issue has not been resolved. I still cannot send to a hotmail account without getting that error message.
Rick | |
|
