nanog mailing list archives
Re: Abuse procedures... Reality Checks
From: Kradorex Xeron <admin () digibase ca>
Date: Thu, 12 Apr 2007 13:55:00 -0400
On Thursday 12 April 2007 06:14, Fernando André wrote:
Citando Frank Bulk <frnkblk () iname com>: " but imagine how much work itwould save their abuse department in the long run"I think that Comcast trouble isn't has much has the company's affected I keep the idea that the best is to rate limit incoming connections and a lot of filtering to prevent the spam flood and keep hardware costs Low. Placing the filtering on the user will make the user cry a lot against the ISP, change ISP and keep the problem. They really don't care about their computer.
Agreed - 90-98% of end users could care less about their computer security, no matter who makes them look at the problem, they just "want to chat with aunt {lilly|mary|other} in God knows where" or to "close that business deal in New York", They don't want to bother with ports, IP, firewalls, etc, and I don't think that will change easily. And as said previously, the person will ignore their ISP and cancel and move to another SP if the ISP hassles them with blocking their email, stopping certain apps, etc. This isn't only a spam problem. it's also a problem with personal machines getting botnetted, virus'd, trojan'd over and over and over again. Why? There's simply no end-user accountability.
By using rate limit on incoming connections a lot of dynamic address's are blocked. "Additionally, upper management gives or takes away manpower many times without the understanding of what 'should' be done to be a good netizen and this defines how much effort can be spent on fixing the problems. " This is the biggest problem "upper management" really doesn't care and the time to use on this problems is not accounted.
Agreed again - Upper management business-types that are not involved in the actual operations of their businesses are most of the time not clueful enough to realize the problems, no matter how many times people explain it to them, they simply only see if it's making them money.
So controlling the number of messages that leave your SMTP server is a solution and PBL from spamhaus is a good thing ! SPF also good but will lead to complains ( tuff ) Blocking tcp destination port 25 to outside the network might work well on small and without concurrent ISP, on big ones I doubt it. ------------------------------------------------------------ Fernando Ribeiro ------------------------------------------------------------ ---------------------------------------------------------------- http://www.tvtel.pt - Tvtel Comunicações S.A.
Current thread:
- Re: Abuse procedures... Reality Checks, (continued)
- Re: Abuse procedures... Reality Checks Steve Sobol (Apr 13)
- RE: Abuse procedures... Reality Checks michael.dillon (Apr 09)
- Re: Abuse procedures... Reality Checks Rich Kulawiec (Apr 10)
- Message not available
- RE: Abuse procedures... Reality Checks Frank Bulk (Apr 10)
- Re: Abuse procedures... Reality Checks Rich Kulawiec (Apr 11)
- Message not available
- RE: Abuse procedures... Reality Checks Frank Bulk (Apr 11)
- RE: Abuse procedures... Reality Checks Mikael Abrahamsson (Apr 11)
- Re: Abuse procedures... Reality Checks Leigh Porter (Apr 12)
- Message not available
- RE: Limiting email abuse by subscribers [was: Abuse procedures... Reality Checks] Frank Bulk (Apr 12)
- RE: Abuse procedures... Reality Checks Frank Bulk (Apr 10)
- RE: Abuse procedures... Reality Checks Fernando André (Apr 12)
- Re: Abuse procedures... Reality Checks Kradorex Xeron (Apr 12)
- Re: Abuse procedures... Reality Checks J. Oquendo (Apr 13)
- AOL Postmaster? Vish Yelsangikar (Apr 13)
- Re: AOL Postmaster? chuck goolsbee (Apr 13)
- RE: AOL Postmaster? Stasiniewicz, Adam (Apr 13)
- Re: Abuse procedures... Reality Checks Chris Owen (Apr 07)
- Re: Abuse procedures... Reality Checks Chris Owen (Apr 07)
- Re: Abuse procedures... Reality Checks Mikael Abrahamsson (Apr 07)