Re: IP-Echelon Compliance

[Stephen Satchell <list () satchell net>]

On 10/14/2015 03:37 AM, Rich Kulawiec wrote:
> On Wed, Oct 14, 2015 at 12:12:29PM +0200, Randy Bush wrote:
> > jeezus folk!
> >
> > http://www.procmail.org/
>
> I wouldn't necessarily recommend that approach.  There is no obligation
> for victims of spammers to continue providing Internet services to them,
> including SMTP services.  A much better move would be to identify the
> network block emitting this abuse and block/drop all packets from it at
> the perimeter of the network or in the firewall(s).  After all, spammers
> frequently engage in other forms of abuse, so it would probably be best
> to simply remove them from your view of the Internet.
>
> ---rsk

+1 -- I've taken the approach in my edge network to block spammers and 
SSH abusers completely, on the theory that people will have multiple bad 
habits.  I collect between 1000 and 2000 spam messages during each 
cycle, then add the worst offenders to my netblocks.  I don't recommend 
this approach for services that have a number of different customers; 
for enterprise networks, though, judicious use of ACLs can relieve a lot 
of headaches and clogging traffic.

Running multiple mail servers, one for incoming sales and one for 
general use, lets you tailor the blocks so that relatively few people 
have to deal with the sludge.