Spam Controls Imperil E-Mail Reliability

[David Farber <dave () farber net>]

------ Forwarded Message
From: Lynn <lynn () ecgincc com>
Date: Sun, 27 Feb 2005 05:30:41 -0500
To: Suresh Ramasubramanian <suresh () hserus net>
Cc: <dave () farber net>
Subject: Re: [IP] Spam Controls Imperil E-Mail Reliability

Perhaps I wasn not clear enough. My client and I use an ISP with static
ips. The mail that was bounced as spam was sent using webmail, therefore
directly from a mailserver using a static ip. Simply asking the
destination ISP to whitelist was refused - several times. Explaining the
situation to the destination ISP with additional requests to whitelist
were refused. All because they bounced from the entire block -
regardless of where the ips were actually allocated. They didn't care.
The same type of thing has happened to a couple of my friends in the
past couple of weeks.

In my client's stiuation, the block of ips were allocated to many ISPs.
There apparently was a problem on one ip in the block. Rather than
blacklist the one ip, they chose instead to blacklist the entire block.

Omitted was the fact that this particular ISP is known for their
excellent security.

I also find it ironic the destination ISPs advise you to send an email
about it when they block your smtp servers. I see this as potentially
the beginning of a trend as it is happening at several major ISPs.

FWIW, I am speaking at a conference in May to try and teach internet
marketing people not to spam - when they just think it's marketing.

Lynn

Suresh Ramasubramanian wrote:

> Actually there seems to be some confusion here.
>
> Filtering mail direct from dynamic IPs is part of the same trend as
> dialup
> and cable ISPs blocking outbound port 25
>
> So it looks like your friend was apparently using a server running on a
> dynamic IP (maybe an always on cablemodem), rather than routing mail
> through her webhost's or ISP's smtp server?  If thats not the case you
> just
> have to tell the blocking ISP that the range you are in is not
> dynamic, its
> static.
>
> That's a bit different from locking ranges of static IPs because of a
> spammer problem on other IPs in that range.  While that does go on, it is
> much easier to whitelist such cases, than it is to let mail through from
> people operating mailservers on dynamic IPs (while keeping trojan
> payloads
> out that same dynamic range blocked)
>
> Lynn [26/02/05 17:49 -0500]:
>
> > Based on my recent experiences and those of friends (we are all tech
> > people of
> > one kind or another), the article is not overstated. I agree ISPs
> > walk a very
> > thin line with filtering and bouncing mail.
> >
> > I just had a problem with an ISP bouncing a clients mail as spam. It
> > seems the
> > clients ISP received their ips from their uplink provider, who also
> > allocated
> > many other ips to other ISPs. One of the other ISPs had a spammer,
> > probably for
> > a very short time. The destination ISP bounced everything from the
> > entire block
> > of ips. That to me is an over reaction. I spoke to the destination
> > ISP several
> > times.
> >
> > From their reply to my request to unblock 4 specific ips:
> >
> > Due to the large number of virus-infected personal computers on
> > cable/dsl/
> > dialup connections, we no longer accept mail directly from these
> > sources.
> > Senders in cable/dsl/dialup pools should configure their mail
> > software to send
> > outgoing mail through their ISP's dedicated outgoing mail server.
> >
> > Well, often their ISP is cable/dialup/dsl. I was advised to send an
> > email and
> > given an address. Since I use the same ISP as my client, I asked how
> > would they
> > receive it since the mail is rejected?
> >
> > There is no obvious system to resolve issues such as this.
> >
> > I disagree about the costs. It costs much more than you mentioned.
> > First, a
> > spammer often opens an account with a stolen credit card number. The
> > ISP,
> > credit card company, and real credit card owner are all financial
> > losers. Next,
> > each piece of spam takes bandwidth from start to end. We all pay for
> > that. Of
> > course there is also the cost of people - all of the tech people that
> > work on
> > this, and lost business.
> >
> > If this continues, we will all have to use the same ISP so we can get
> > mail
> > thru. Otherwise, it may bounce or be lost as spam.
> >
> > I don't think filtering and bouncing mail is the solution. IMO the
> > spammers and
> > virus writers (that gave us zombies) should be stopped. Operating
> > systems
> > should be more secure. IMO, spam and viruses should be stopped at the
> > source,
> > not the destination.
> >
> > Another piece of the solution is education of users. If users would stop
> > responding and making purchases from spammers, maybe they would stop
> > as there
> > would be no financial gain.
> >
> > Lynn
> >
> > David Farber wrote:
> >
> >    ------ Forwarded Message
> >    From: Suresh Ramasubramanian <suresh () hserus net>
> >    Organization: -ENOENT
> >    Date: Sat, 26 Feb 2005 07:06:44 +0530
> >    To: <dave () farber net>
> >    Cc: <GLIGOR1 () aol com>, <netwriter () ap org>
> >    Subject: Re: [IP] Spam Controls Imperil E-Mail Reliability
> >
> >    On Fri, 2005-02-25 at 17:53 -0500, David Farber wrote:
> >
> >
> >        From: <GLIGOR1 () aol com>
> >
> >
> >
> >
> >
> >        Spam Controls Imperil E-Mail Reliability
> >
> >
> >
> >
> >    That article kind of overstates things.  Bad spam filtering?
> > Sure.  But
> >    saying that spam filtering imperils email reliablity is wrong, and
> > does
> >    no credit at all to several people working at large ISPs, who walk a
> >    continuous tightrope between rejecting spam inbound to their users
> >    mailboxes and blocking legitimate email.
> >
> >    Or, if you choose, ISPs could shut off all spam filtering, and as
> > some
> >    people advocate, dump all the mail in users' mailboxes and allow
> > them to
> >    sort it out.   In which case
> >
> >    1. The users would be buried in a sea of spam
> >
> >    2. Technically less savvy users would not be able to filter it out
> >
> >    3. Once it is delivered and stored at the ISP, costs for bandwidth,
> >    storage etc have been incurred - a fraction of a cent per spam,
> > millions
> >    of spams a day.  Guess where these costs will eventually be passed
> > on?
> >
> >    It would have been far better if this article was a call for
> > responsible
> >    spam filtering, that kept in mind the ISP's main job of delivering
> > email
> >    that their users want, to their mailbox.
> >
> >    In fact I'll be speaking on a couple of panels that discuss
> > exactly this
> >    (responsible spam filtering, of both inbound and outbound spam) at
> > MAAWG
> >    (www.maawg.org) from march 1-3 in San Diego.  MAAWG is an grouping of
> >    abuse desk managers from several ISPs around the world, and so far
> > as I
> >    can see, is about the only conference of its kind that attracts a
> > bunch
> >    of operationally relevant people - abuse desk and mail system
> >    administrators, my peers at other ISPs, as opposed to the usual
> > mix of
> >    product vendors and marketing folk that you can find at most other
> > ISP
> >    oriented antispam conferences that I've seen in the United States.
> >
> >    There are other conferences too, more academic in nature and slightly
> >    less concerned with the implementation of proposed solutions so that
> >    they'll scale to a large mail system millions of users in size, but
> >    that's a different story altogether :)
> >
> >    Speaking of antispam conferences, I'm just back from organizing an
> >    APCAUCE conference at Kyoto, during APRICOT 2005.  The highlight
> > of this
> >    was a panel featuring Dave Crocker (author of BATV and CSV), Jim
> > Fenton
> >    of Cisco (author of the identified internet mail proposal) and
> > Meng Wong
> >    (author of SPF), the focus of which was to discuss these proposals
> > from
> >    an operator perspective as opposed to the purely technological view
> >    you'd get when discussing these at an IETF.  More about this when
> > I get
> >    the presentations and conference minutes uploaded.
> >
> >    regards
> >    -suresh
> >
> >
> >    ------ End of Forwarded Message
> >
> >
> >    -------------------------------------
> >    You are subscribed as lynn () ecgincc com
> >    To manage your subscription, go to
> >      http://v2.listbox.com/member/?listname=ip
> >
> >    Archives at: 
> > http://www.interesting-people.org/archives/interesting-people/

------ End of Forwarded Message


-------------------------------------
You are subscribed as lists-ip () insecure org
To manage your subscription, go to
  http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/