Re: Working with Spamhaus

[William Herrin <bill () herrin us>]

On Tue, Jul 28, 2015 at 11:39 PM, Bryan Tong <contact () nullivex com> wrote:
> I wouldnt have such a disheartened attitude if they would have been
> specific or given time to comply.
>
> eSited LLC
> (701) 390-9638

Hi Brian,

eSited has 37 unresolved spam listings with Spamhaus, all documented
and some going as far back as 2013. You got a problem boss.

In your position, I would start with "This list of customers has been
terminated for spamming. The hacks on these customers' servers have
been resolved. The following blocks are each used by multiple
customers. Can you help me get a better idea which one is spamming so
I can end it?"

Next, consider blocking outbound tcp port 25 by default and adding
exceptions upon customer request. Like a swimming pool, SMTP is an
attractive nuisance. You really have to take active steps to avoid
trouble.

If you have the tools, consider also capturing a day's email outbound
from your network and examine one random message for each origin.

Regards,
Bill Herrin



-- 
William Herrin ................ herrin () dirtside com  bill () herrin us
Owner, Dirtside Systems ......... Web: <http://www.dirtside.com/>