ATTBI is NOT worldnet.att.net dialup
-----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] Behalf Of Len Conrad Sent: Tuesday, September 16, 2003 12:54 PM To: [EMAIL PROTECTED] Subject: RE: [IMail Forum] Certain ISP's failure/IMail >If we can just figure out how to make this happen to the hundred of spam >emails each day and not the legitimate emails from AT&T and Verizon, there's >money to be made here. first, total connects from ATTBI TLD is right up there in qty with the spammer TLD's Host/Domain Summary: SMTPD Connections (top 30) connections time conn. avg./conn. max. time host/domain ----------- ---------- ---------- --------- ----------- 1950 1:54:14 4s 32s flowgo.com 1792 1:43:08 3s 233s webshoppe.net 1462 9:21:04 23s 258s opinionsurveys.com 1340 3:49:42 10s 231s comcast.net 926 3:02:29 12s 228s tpcper.com 909 3:19:38 13s 236s rr.com 811 0:20:46 2s 4s e-i1.com 698 2:06:03 11s 230s attbi.com <<<<< 460 0:50:35 7s 22s smtp1.com 404 0:14:20 2s 29s sawyerfg.com 403 0:10:17 2s 12s trainovation.com 390 0:16:46 3s 44s yahoo.com 382 0:23:37 4s 14s registeredwinners.com and then the "subscriber networks" filter lays waste to Orcs: Client host rejected: ACL mta_clients_subscriber The IP address of your sending machine is on a proscribed subscriber access network. Send from a non-subscriber network (total: 4863) 793 comcast.net 494 attbi.com <<<<<<<<<<< 259 optonline.net 250 dsl-verizon.net 198 rima-tde.net 187 ameritech.net 178 pacbell.net 170 telesp.net.br 133 btopenworld.com 118 t-dialin.net 116 swbell.net 113 prodigy.net.mx Then PTR hostname and sender.domain filtering: Client host rejected: The sending IP is not authorized to send MAIL FROM: @sender.domain (total: 3933) 378 comcast.net 249 rr.com 168 attbi.com <<<< then BS in helo field: Helo command rejected: need fully-qualified hostname (total: 2610) 381 217.132.85.173 50 69.60.0.10 50 69.60.0.43 36 attbi.com <<<< SAV kills forged sender.domains: Sender address rejected: unverified address (total: 4827) 485 [EMAIL PROTECTED] 226 [EMAIL PROTECTED] . . . . 4 [EMAIL PROTECTED] 4 [EMAIL PROTECTED] 4 [EMAIL PROTECTED] <<<<<<<<<<< 4 [EMAIL PROTECTED] <<<<<<<<<< lots of clumps of these 4 [EMAIL PROTECTED] Sender address rejected: undeliverable address (total: 95) 2 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] 1 [EMAIL PROTECTED] <<<<< 1 [EMAIL PROTECTED] <<<<<<< As you can see, be defining ATTBI subscriber networks as illegitimate, we solved that abuse problem definitively, with no false positives. the rest is peanuts, such as spam coming form ATT MTAs. When ATT fixes their abuse problem on their subscriber networks, we will remove the blanket block on their subscriber nets. Fair enough? Len _____________________________________________________________________ http://MenAndMice.com/DNS-training: San Jose; Wash DC; Dallas; Atlanta IMGate.MEIway.com: anti-spam gateway, effective on 1000's of sites, free To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/ To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
