SMTP Attacks

Rick Stevens rstevens at vitalstream.com
Tue Oct 31 20:59:23 UTC 2006 

On Tue, 2006-10-31 at 10:06 -0800, Harold Hallikainen wrote:
> > On Tue, 2006-10-31 at 15:35 +0700, Budi Febrianto wrote:
> >> Rick Stevens wrote:
> >> >
> >> > Nah, I don't publicly blacklist them...I just don't let them into our
> >> > network...and there are a few specific holes in that list for
> >> legitimate
> >> > servers that I know about.
> >> >
> >> > Spamhaus, however, are Nazis and should be sued.
> >> >
> >>
> >> Why you say Spamhaus are Nazis? I use they services for many months now.
> >> Is there something that I don't know?
> >
> > Yes.  God help you if you ever get on their list.  It's damned near
> > impossible to get off--even if you were incorrectly listed or can prove
> > whatever was wrong has been fixed.
> >
> > They provide NO mechanism to unlist yourself or submit your site for a
> > check (or didn't last time I checked), and if you were unfairly listed,
> > they offer no apologies if they do take you off.
> >
> > Their blocks can be draconian...I've seen them list an entire /19
> > network because ONE server had been compromised.
> >
> > I applaud their efforts, but the way they do things is really, really
> > bush league.  If you're going to label someone as a spammer based on
> > someone else's say-so, you'd better provide ways to get off the list if
> > you've been put on it.  They don't, and that's why I consider them
> > Nazis.
> >
> >
> > ...ir attitude is "F*ck you...you're a spammer and will
> > always be a spammer
> 
> 
> Any comments on http://www.spamcop.net ? They seem to be working well for
> me. I can watch /var/maillog and watch spam being rejected all day. Here's
> one from a few minutes ago...
> 
> Oct 31 09:38:55 sujan sendmail[2169]: ruleset=check_relay,
> arg1=OL88-54.fibertel.com.ar, arg2=127.0.0.2, relay=OL88-54.fiberte
> l.com.ar [24.232.54.88], reject=553 5.3.0 Spam blocked see:
> http://spamcop.net/bl.shtml?24.232.54.88

They're not as bad and they do give you a way to get off their list
(sorta).

Look, I don't want to get into some holy war about this.  I've run into
a number of them while running our network.  I understand what they're
trying to do, but when they come up with their _own_ definitions of what
is and isn't spam, then list you based on reports from third parties
(some of which may be from people who simply don't like you) and give
you NO way of defending yourself or getting off their lists, then I call
them Nazis and that's the end of it.

----------------------------------------------------------------------
- Rick Stevens, Senior Systems Engineer     rstevens at vitalstream.com -
- VitalStream, Inc.                       http://www.vitalstream.com -
-                                                                    -
-        Artificial Intelligence usually beats real stupidity.       -
----------------------------------------------------------------------

More information about the Redhat-install-list mailing list