Re: The worst abuse e-mail ever, sverige.net

[Steven Champeon <schampeo () hesketh com>]

on Tue, Sep 21, 2004 at 11:00:53AM -0600, james edwards wrote:
> > Sheesh. Get over /yourself/. Your network is rude by its very existence,
> > if it lets spammers relay crud by way of it. Your own arrogance in
> > thinking it's not your problem to fix is astounding.
>
> I did no say it is not my problem, we have a 10 year history of being
> very pro-active for all abuse issues and have a dedicated staff person
> to deal with these issues.

OK, then, perhaps you can explain why I have received backscatter from 

web.cybermesa.com [65.19.6.7]

or why even though I got spam from 

sf-du170.cybermesa.com [209.12.75.170]

back in October 2001, and from 

sf-du201.cybermesa.com [209.12.75.201]

in February 2002, you still haven't blocked outbound port 25 traffic from
those obviously vulnerable hosts?

http://groups.google.com/groups?num=50&hl=en&lr=&ie=UTF-8&newwindow=1&safe=off&c2coff=1&q=group%3Anews.admin.net-abuse.*+cybermesa.com&btnG=Search

Looks like you've got an ongoing problem with those dialup ranges.

> Slaming my mail admin because a dial up user has a virus is rude,
> period.

Nope. Sorry. Emitting spam/viruses or backscatter even though you know
you (or your users) have a problem, expecting everyone else to block
your network, and whining when someone has the gall to call you on it -
that's rude.

Of course, it's pretty common, but that doesn't make it any less rude.

> Our dial up address space is listed, if people choose to block mail
> from that space.

I'm curious - where is it listed? I don't see anything on your Web site
that even suggests a place to go looking for abuse/helpdesk/support
info. Much less a banner inviting more responsible mail admins to block
your listed netblocks....

Will a regex of [a-z]+[0-9]*\-du[0-9]+\.cybermesa\.com block all of
your dialup ranges by rDNS? What about your DSL and ISDN ranges? How
are they named? Consistently, I hope. And of course I also hope they
resolve back-and-forwards to the IP, so spam/viruses don't squeak through
sendmail due to being "possibly forged".

Why aren't they named so that sendmail and other MTAs can block your
dynamic ranges by RHS in access.db, instead of having to use regexes?

Hint: blah-1-2.dynamic.cybermesa.com or blah-3.4.dialup.cybermesa.com
or foo-5-6-7-8.dsl.cybermesa.com makes this much less annoying and
difficult, and conveys the same information as sf-du120.cybermesa.com.

I apologize if I offended you personally, I intended to do it professioanlly.

Steve

-- 
join us!   http://hesketh.com/about/careers/web_designer.html       join us! 
hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2554 w: http://hesketh.com
join us!   http://hesketh.com/about/careers/account_manager.html    join us!