rlsnyder asks: "I'm the inadvertant co-administrator of e-mail a for company that relies pretty heavily on it for daily business (e.g. sending confirmations of financial transactions). At one point in the not-too-distant past, our server was an open relay. I admit I'm a sinner for letting it happen, and I'm ready to do my pennance. Given the relatively low volume of mail our server moved that did not originate from inside, I doubt I was a major contributor to the world of SPAM. In any event, we've been blacklisted on a number of sites. Some lists have reasonable policies, and we've since been removed. Other places are a little more arbitrary as to removal policies, and although I can prove we're not a relay, we're still listed." While I approve of the basic concept of SPAM Blacklists, there are dozens of SPAM blacklists out there who are real keen on adding open relays to the list, but not so keen on taking rehabilitated hosts out. I would posit that SPAM blacklists that are not properly maintained are a part of the problem, not the solution. What are your thoughts on the subject?
rlsynder continues: "Am I way off base here, or is this self-appointed mail police thing going in the wrong direction? Given that I can't reliably deliver e-mail to a number of places due to being blocked, I've got a big exposure. Is this making spam less of a problem, or are we trading one problem (SPAM) for another (the reliablility of proper maintenance of SPAM Blacklists)?
I could draw a bunch of analogies here, but isn't the bottom line that no one owns the internet e-mail system? I realize no one makes ISP's subscribe to the blacklists, but basically, I'm trying to move data from one point to another, and some machines in the middle are discriminating against my data because a corrected, perfectly legal system configuration error. How is this helping? Has SPAM really decreased universally thanks to these lists?"
Subscribing to blacklists did not help me. (Score:5, Interesting)
Automate the maintenance (Score:2, Interesting)
No. Deal with it. (Score:2, Interesting)
You wanna live in a crack house? Don't go whining to the cops when you can't get a pizza delivered at midnight.
You wanna get bandwidth with a company that provides services to spammers and relocates spammers to IP addresses to avoid blocking of single IP addresses, don't come whining to /. when the rest of the world wants nothing to do with your ISP.
If someone spams me, I block the IP address. If the ISP relocates the spammer to another IP address in the same netspace, I say "fuck it", and block the /24. Or the /16, if need be.
Don't like living in a crack house? Move.
Blacklist sites (Score:5, Interesting)
This is a good thing - and what every blacklist's ultimate goal is.
Speaking as a mail server admin, I'd be interested to know which lists are not removing you - so that I can make sure I'm not using them.
Seriously - letting people know about this is the best way to get what you want. If your site is not a relay, any blacklist maintainer is doing their users a disservice by listing you.
As a mail admin, I'd want to know.
Alternatively, you could do the American thing and threaten a lawsuit - most blacklist operators are immune from libel charges because they're just listing people who operate open relays (truth is defense against libel) - if you're not an open relay, then you've got a good case for libel: they're deliberately publishing false information to hurt your business.
Umh, no... (Score:2, Interesting)
1) You have to prove that you weren't doing the spamming. (this is good)
2) You also have a "waiting period" to be removed from these lists. (this is also good)
The fact that you let your server become an open relay (configuration error or not) is bad. Think of it as your "slap on the wrist" for allowing it to happen.
Overall, this is a good thing. I bet you will make sure that your servers are secured properly from now on.
Black lists probably work (Score:3, Interesting)
RBL can be useful... (Score:3, Interesting)
I agree that some BL's are not properly managed. The old ORBS system was a perfect example of this. They would add you if you were an open relay, but getting OUT of the database was pretty much impossible if the guy that ran it didn't like you or your attitude toward his "service".
One of my mail servers ended up on ORBZ as well as ORDB because I had made a mistake in the configuration, and I corrected it and was promptly removed after submitting a re-test request.
I now employ the use of RBL on my own servers, but I will only use those services which will remove "fixed" servers using an automated testing system that works properly. ORDB, ORBZ and Osirisoft's RBL's tend to be the best AFAIK. I have found that by using these systems, the level of SPAM that my users and I receive has dropped to a point where it's not entirely annoying or time-consuming to deal with it anymore.
One RBL that I stay away from using is the one operated by SpamCop (bl.spamcop.com). It's a great idea, but it ends up blocking out too much "real" e-mail as well, esp from the larger ISP's like Comcast, etc.
Also a GoodThing (Score:2, Interesting)
Back in the day, I tried to email a resume to a credit union and found my email bounced even getting to them, because their open relay had been abused. It no doubt made doing business very difficult for them.
This of course is no real help to anyone who brings in a contractor to set things up and leaves the door open. Maybe worth wording into a contract that contractor is responsible for certain damages due to oversight. I know contractors are advised to carry insurance, I wonder how this example would play out.
We need a Consumer Reports site for blacklists (Score:2, Interesting)
Blacklist maintainers would naturally want to be at the top, and this would foster competition and generate better more accurate lists.
Trust, but Verify (Score:2, Interesting)
After lurking on news.admin.net-abuse.email for a while, I've seen a lot of mail admins post asking to have their servers un-blacklisted because they've "cleaned up their act" only to have it pointed out to them that they are still hosting spammers.
Perhaps you could tell us where you have been blacklisted and what IPs are listed so we can see for ourselves the veracity of your statement?
Re:Cure as bad as the illness (Score:2, Interesting)
damage.
With lists like SPEWS, collateral damage is inevitable - no one who uses SPEWS is unaware of this.
Alice isn't SOL, however...
1: She can always get an account on Hotmail, Yahoo, etc.
2: She should leave her ISP if at all possible. So long as she's at an ISP that is part of the spam problem, all she's doing is indirectly supporting spam. When she DOES leave, she should tell the ISP the reason she's leaving is due to them supporting spammers and getting blacklisted. When an ISP starts losing customers due to spam, maybe they'll change their tune - or go out of business - their choice. Either way, the result will be one less spam-friendly ISP in the world.
Is this all a bit cruel? Perhaps. But remember, there is *nothing* that says I, as an ISP, *must* accept email from you.
Re:Mail servers are private property (Score:2, Interesting)
There are numerous ISPs out there; you are not required to use any one ISP.
If an ISP doesn't fulfil your specific needs, or has policies you disagree with, then there is nothing preventing you from using a different one.
Similarly, if you're an ISP, there's nothing
some companies deserve it (Score:4, Interesting)
Recently, spammers have discovered our open system and have been relaying at a furious rate (read: thousands of emails a day.) This caused *our* email to get reflected back to us most of the time, and it also got my employer's domain on several spammer blacklists. This is such a problem, that the corporate office recently switched ISPs over it.
Now, with the new ISP, the IT guys have "cracked down on security" by banning relaying...for 1/2 the day. In the mornings we can send all the email we want (and so can the spammers), but after we all get back from lunch, no more email can be sent out. My employer is baffled why we can't get off of the blacklists, even after the move to the new ISP. I just laugh and goof off for the rest of the afternoon.
I'm all for an appeals process of some sort in order to get off of spam blacklists, but some companies do deserve to stay there, as long as their habits and policies don't radically change.
not_anne
simple solution.. (Score:4, Interesting)
Maybe 100 lines in perl to accomplish this. no real effort required.
If you had an open relay (Score:3, Interesting)
Bankrupt a few spammers, show others it is not cheap to spam. Maybe get some charged criminally.
All spammers should be tortured, then executed.
Blacklists not the answer... (Score:3, Interesting)
I'm usually all for privacy, but I think we need to be using an email transport protocol that involves some form of authentication. I'm not sure if some such protocol exists already, but it doesn't seem like it would be too hard to create.
Am I way off base here, or wouldn't this cut way down on SPAM?
Re:How to avoid SPEWS black-listings (Score:2, Interesting)
(Someday, I envision a huge "I'm Spartacus!" cascade...)
> My customer goes to the newsgroup to ask to be let out of SPEWS. Group members flame my customer to a crisp because he is supporting spammers when he pays his bill every month.
As for nanae posters flaming your customer to a crisp, well, that's USENET ;-)
Seriously, I do have a problem with that, even though I understand why it happens. The problem is that if you've read nanae long enough, you've seen every spammer lie in the book, and you're very skeptical.
I don't know a solution for that one. It's disturbing - like the cop who busts everyone for minor traffic offenses, because he believes everyone's lying to him. He's heard "I left my wallet at home!" and "Gee, my speedometer must be off!" and "I just noticed the headlight burned out when I left work!" thousands of times over his career, and the thought no longer crosses his mind that once in a while, it'll be the truth.
The nanae problem, in this sense, is that your customer (unlike the poor schmuck who did leave his wallet at home, but who probably realizes he's still toast :-) has no idea how burned-out most nanae denizens have become, and is (IMHO justly) surprised and pissed-off at the rough reception he gets when he tries to make good.
As my initial /. post shows, I'm also part of that problem (too cynical for my own good), which is why I maintain my blocklist on my own box, and only lurk on nanae. But having seen the arguments in nanae so many times, and realizing many /.ers aren't regular nanae readers and haven't read them, I figured I'd throw my two bits in here.
Fake open relays needed (Score:2, Interesting)
so I have this "friend" (Score:2, Interesting)
What do I do? Let him learn the hard way or is there some easy way to teach him a lesson without making him hate me for ruining his server. (and no, I'm not posting the URL here)
He likes the open relay part so that he has his own smtp server he can use from anywhere anytime - even though he has a secure server on DSL at home.
Re:It's democracy and freedom in action. (Score:2, Interesting)
I hardly know where to start...
Well, obviously you did... As for an answer:
Not removing now closed relays from the list is like not releasing prisoners from jail. Something which might or might not be a good idea...
Also, I think the usefulness of DBs like ORBD lies in them staying current, as I think it might cost more losing one important mail than wading through tons of spam.
I really too should point out that I, for myself favours strict filtering of mail(servers), the reason being I'd rather miss out something not so important that most of my mails are, than d/l spam. Though I think this might not be true for others. You (fmaxell) seem to reason along the same lines as I do, but are you sure others do?
Of course, they do! otherwise it wouldn't exist services as ORBD!
Comment removed (Score:4, Interesting)
Re:Blacklist sites (Score:2, Interesting)
In the case of the original poster, being an open relay would get you on my list, assuming I got SPAM, and I'd probably only remove you if there was some reason I wanted to get email from you. If you want off only because you MIGHT email me, forget it.
I'm hoping the "threaten to sue" was a joke, but in today's America it wouldn't suprise me if someone tried. No one has a Right to connect to my email server and send a message unless *I* grant that Right.
Re:some companies deserve it (Score:3, Interesting)
You *do* realise that mail servers can be configured to only accept relays from certain domains? eg from "outlying-branch-isp.com"?
And your new ISP is "cracking down" by letting it go half the day only? Hmmm
I know, it's fun to goof off, but you're doing the rest of the internet a disservice.For chrissakes, get somebody to post your system specs here on slashdot and get somebody will post the steps required to walk you through setting it up
If someone at your outlying branch isp subnet(s) discovers your mail relay after that, well it should be a simple matter for you to get them booted.
Oh, don't post any identifying details about your company, unless you want them to experience THE AWESOME POWER OF THE SLASHDOT EFFECT *evil grin*
Heh , I like the sound of that
"NOBODY EXPECTS THE SLASHDOT EFFECT!"
Kind of python-esque.
Re:Easier solution (Score:3, Interesting)
Re:Just being on the same IP range is bad enough (Score:2, Interesting)
Ever try to get help setting up a complient server? Try sifting through countless messages condeming any and everybody that doesnt fall into their radical camps.
Where are the moderates? http://www.dotcomeon.com/eff_011016.html
zenas
Morons are known to hire idiots in IT (Score:3, Interesting)
An open relay is not necessary in order to make email function at the outlying offices. You don't even need a VPN. The mail server can be configured with the static IP addresses of each of the offices as valid "local" addresses. Of course a VPN is much better as that also improves your security.
As confirmed by another [slashdot.org] of your postings, your company management are morons who have apparently hired idiots for the IT department. Obviously you recognize it, and can leave if you feel that is necessary, or can stay as long as you can deal with it, and are not blamed for it. Should they ever offer to promote you into IT, be sure you insist that you be given the authority to fix the problems with no further permission from management to go ahead.