nanog mailing list archives
Re: ingress SMTP
From: Matthew Moyle-Croft <mmc () internode com au>
Date: Sun, 14 Sep 2008 08:09:04 +0930
Frank Bulk wrote:
Typically a ticket gets injected into helpdesk who then contact them via email or via a phone call depending on the situation. I don't think we've automated it as often these kinds of people don't react well or ignore it - so a human being needs to intervene and often give help.How do you alert mail server operators who are smarthosting their e-mail through you that their outbound messages contain spam?
We also take measures such as rate limiting the amount of email they can send (kbps, msg per hour wise) to limit the damage.
We offer a URL for customers that allows them to see their "spam" rating for their IPs (this includes if they're sending out viruses as well) - including a text only version (2 lines of text) so it can be easily parsed by machine if someone wanted to integrate it into their own checking.
We try and have default settings that protect us and the users as much as possible, but allow people who (at least think they) know what they're doing to change them to be more open. Our general customer base tends to be biased towards the techy type who want this kind of thing. (We sponsor things like the Australian Systems Administrator's Guild etc)
MMC
Frank -----Original Message-----From: Matthew Moyle-Croft [mailto:mmc () internode com au] Sent: Saturday, September 13, 2008 12:41 AMTo: Bill Stewart Cc: nanog () nanog org Subject: Re: ingress SMTP Hi Bill, Bill Stewart wrote:In some sense, anything positive you an accomplish by blocking Port 25 you can also accomplish by leaving the port open and advertising the IP address on one of the dynamic / home broadband / etc. block lists, which leaves recipients free to whitelist or blacklist your users.Except that this tends to lead to a worse situation for people like yourself who wish to run a mailserver - because ultimately you'll have to resort to using an ISP's forwarder anyway because there will be more spam from the IP ranges you're in leaving to the wide world, thus a worse reputation, and so more blocking. ie. by blocking outbound SMTP by default and getting customers to use our mail cluster their email is more likely to arrive and not be dropped as coming from a potential spam source.I've toned down my vehemence about the blocking issue a bit - there's enough zombieware out there that I don't object strongly to an ISP that has it blocked by default but makes it easy for humans to enable.That's what we do - by default most customers have a small ACL applied which protects them from traffic from various windows ports, ensures SMTP goes via our mail cluster etc. Having customers send mail out via us is actually better because we do spam checking and can alert customers to their machines being compromised etc (or at least customers can look at their status themselves). But, customers can easily turn the filtering off via the portal we have. We have no issues with customers running servers - most people don't, and those who do value the ability to do so. MMC -- Matthew Moyle-Croft - Internode/Agile - Networks
Current thread:
- Re: ingress SMTP, (continued)
- Re: ingress SMTP Jay R. Ashworth (Sep 03)
- Re: ingress SMTP Valdis . Kletnieks (Sep 03)
- Re: ingress SMTP Tony Finch (Sep 04)
- Re: ingress SMTP David Champion (Sep 04)
- Re: ingress SMTP Joel Jaeggli (Sep 10)
- Re: ingress SMTP Robert E. Seastrom (Sep 11)
- Re: ingress SMTP Bill Stewart (Sep 12)
- Re: ingress SMTP Mark Foster (Sep 12)
- Re: ingress SMTP Matthew Moyle-Croft (Sep 12)
- RE: ingress SMTP Frank Bulk (Sep 13)
- Re: ingress SMTP Matthew Moyle-Croft (Sep 13)
- Re: ingress SMTP Suresh Ramasubramanian (Sep 13)
- RE: ingress SMTP Frank Bulk (Sep 13)
- Re: ingress SMTP Alec Berry (Sep 03)
- Re: ingress SMTP Stephen Sprunk (Sep 03)
- Re: ingress SMTP Simon Waters (Sep 03)
- Re: ingress SMTP Justin Scott (Sep 03)
- Re: ingress SMTP Suresh Ramasubramanian (Sep 03)
- Re: ingress SMTP Daniel Senie (Sep 03)