I never considered snail mail, that is a viable option. The business customer we will call the IT staff directly on. The spf requirement will be a marginally enforced best practice, if were were suballocating our space to them i wouldnt care, just trying to get to a point where we dont consistently have blacklisted IP space.
regarding not being up to date, ive gotten us to about 1998, eventually we will be in this century, time, money, train, time, money, train, a vicious circle. On Fri, Oct 14, 2016 at 12:45 PM, Ken Hohhof <af...@kwisp.com> wrote: > I’d post a notice on your website and social media pages, wait 1-2 weeks, > and just do it. Most ISPs did this many years ago, hard to believe you > still have it open and that any significant number of customers are doing > mail that way. > > > > The only customers who should need that are business customers with their > own mailserver on premise rather than in the cloud. You could snailmail a > notice to your business customers, assuming that’s a small subset of your > total customers, and also that postal mail will work with them. > > > > I’m not sure I’d impose an SPF requirement. If a business customer says > they have an onsite mailserver, they can opt out of port 25 blocking, how > they configure their mailserver and DNS is up to them unless there is an > incident. All of our business customers (by which I mean they are on a > commercial plan) have a static IP address, so they are easy to track down. > If someone wants port 25 unblocked on a residential account, sorry, not > available on the plan you’re on. > > > > > > *From:* Af [mailto:af-boun...@afmug.com] *On Behalf Of *That One Guy > /sarcasm > *Sent:* Friday, October 14, 2016 12:21 PM > *To:* af@afmug.com > *Subject:* Re: [AFMUG] communicating with customers without untraining > them > > > > thats what i did > > > > its the communication with them thats in question > > > > if we initiate it in any way, we pretty much un train them no matter what > > > > On Fri, Oct 14, 2016 at 12:18 PM, Cassidy B. Larson <c...@infowest.com> > wrote: > > Can’t you watch for outbound netflow data for remote port 25’s from your > customers you’re going to drop port 25 on? > > Then proactively call/email them saying it’s going away. > > > > Or if you want to keep up with the antiphishing then tell them to contact > you back at the known good number/email they have for you or is published > on your website. > > > > > > On Oct 14, 2016, at 11:13 AM, That One Guy /sarcasm < > thatoneguyst...@gmail.com> wrote: > > > > I think this has been discussed in the past. > > > > As part of our overall security implementation we will be dropping > outbound port 25 for non business customers and business customers dont > have an email rserver on record with an appropriately configured SPF record. > > > > I know which customers havent gotten with the times. The problem is how > best to communicate with them. I am thinking its best to just drop it for a > few hours at a time to drive support calls from those who notice it during > that window periodically until we implement it permanently to limit a flood > of support calls all at once. And maybe a notice on our website of what is > going on. > > > > The issue I have is if we reach out in any way, directly, we circumvent > all the antiphishing propaganda. If we email, then spoofed emails are > trusted, if we email with a link, then they start trusting spoofed emails > with links, same with our telephone number. If we reach out directly via > telephone, well then they start paying IRS fines to John from india. > > > > anybody else implemented this and handled it responsibly? > > > > -- > > If you only see yourself as part of the team but you don't see your team > as part of yourself you have already failed as part of the team. > > > > > > > > -- > > If you only see yourself as part of the team but you don't see your team > as part of yourself you have already failed as part of the team. > -- If you only see yourself as part of the team but you don't see your team as part of yourself you have already failed as part of the team.
