Hi Greg

>I believe your argument, and your methodology, is fundamentally flawed.

Why am I not surprised at your opinion ? :)

>You say "we have no false positives" and yet I presented one to you in
>the form of my original request.

I have defined all subscriber networks as illegitimate sources of msgs for my MX, so by my definition (it's my MX, right?), your mailer on hsia is illegit. The burden is on you to prove to us you aren't (this ain't hard to do). The effectiveness of this filter against the 99.99% crap coming from subscriber networks world-wide is just too overwhelming not to use.

>You blocked email, considering it as spam, when it most assuredly was not.

I didn't say it was spam. Our policy is that hsia.telus.net and 350+ similar subscriber PTR domains world-wide have been defined as illegitimate, unwelcome posters to our MX.

>Now, regarding spam policies...a better alternative, and one that
>actually provides service for customers is SpamAssassin

We know all about content scanners like Spam Assassin and have rejected them as a front-line defense since they all receive the entire msg (DATA portion) and then reject. We strongly prefer to reject after RCPT TO based on the 4tuple of MTA IP, helo hostname, mail from:, and rcpt to:. This requires only a few bytes per reject, is sufficient information to reject reliably, and scales extremely well (eg, 850 MHz machine rejecting 75 K msgs/hour in a dictionary attack, without impeding legit mail)

>(http://useast.spamassassin.org/doc.html). It's effective

yes, it is, but the SA user has to accept the serious consumption of bandwidth and resources to handle the DATA command. We prefer not to, and we don't have to.

>, and
>definitely more so than draconian blocking of large chunks of the
>internet.

We do not block subscriber networks on a whim or without solid reasons, but based on observation of 1000s upon 1000s of crap msgs (bad 4tuple) sourced by those networks with effectively no offsetting legit mail.
eg, your sole complaint, from one IP, on one day, is vastly outweighed by the crap we receive from hsia 24 x 365. The stinking spam fish are in a barrel, we'd be nuts not to blast away. The collateral damage to you might eventually cause telus to stop the abuse.

>Please keep in mind that spammers really are a minuscule
>percentage of internet users.

Internet, I can't influence. But, Internet _mail_ is my business, and all the big anti-spam shops report 50+% of global email is spam, and is increasing relentlessly without limits in view. I consider 50+% to be low, since the %age rejects at major ISPs I deal with is 75% to 90% rejects. I've been reading articles recently by supposedly "insider", full time anti-spammers who consider spam to have broken internet email beyond recovery. I read other articles where many users are stopping to use email altogether because of spam. We are talking about the NUMBER ONE KILLER APP for Internet. AOL claims to reject 8 B msgs/day, and still they get millions of spam complaints from their paying customers to block more.

>Blocking so many people does nothing to
>help the internet and does even less to prevent spam in general.

yes, it helps tremendously. telus.net does not police the mail sent from their networks, so blocking the Telus' Gregs ought to make the Gregs bitch to telus about the difficulty of getting Gregs' mail delivered, and get Telus to police their nets. The proposition is extremely simple and clear: we'll stop blocking subscriber networks when subscriber networks stop inundating us with crap mail. Fair enough?

>If you really need to block spammers, why not simply use the RBL lists?

The spammers' henchmen are shutting down the RBL servers (osirus, with very probably more to follow...) with DDoS attacks.

>You are likely using an SMTP server with that capability.

Of course, but contributions from RBLs, while welcome, have never been primary or even majority contributors to total rejects.
Doing RBL queries is slower than local rulesets, RBL servers can be very slow or non-reachable, causing all MXs using RBL to choke off their incoming while waiting for the RBL queries to timeout.

>If you are getting verified spam

We are seeing crap 4tuples (of which I supplied many samples), that suffices to make our decision to block. And valid 4tuples are easy to spot as crap ones.

>, then add those specific addresses to the RBLs you
>use! Certainly this will be more effective than what you are doing now

nope, blocking subscriber networks is highly effective, efficient, and reliable. RBL servers, if they survive, don't even come close.

>Lastly, I have no interest in defending Telus

no, but if your mailer has more and more trouble delivering mail because ISPs refuse subscriber networks, then you can attack, not defend, Telus for not policing their networks. If you do, great. If you don't, I don't care. I've solved my hsia.telus.net problem.

>, but you may wish to think
>twice before you use potentially libellous insults across the internet
>to strangers, most especially when you are acting as a representative of
>a company.

libel? what libel? I address myself generally to the mail abuse coming from hsia.telus.net. It has nothing to do with you, or intouch, your wife, or anything else. I accuse you of absolutely nothing, no defamation, no libel, zilch. And I have and can get tons more evidence of being abused by hsia.telus.net.

> It's a good way to find yourself in a bad legal predicament.

"Bring 'em on!!" :) Seriously, the right to send to my MX is a right that I grant, NOT a right the Gregs on hsia.telus.net can impose upon me. hsia.telus.net has abused the right I granted them as benefit of the doubt/goodwill. hsia's abusive behavior has caused me to suspend mail delivery rights.

>For the record, I called Telus and straightened out the reverse lookup
>and PTR issues.

your IP had a hsia.telus.net PTR hostname.
I didn't block you because of any incorrectness in your DNS setup, your wife's content, or intouch company. Since my rules block by PTR hostname (not by numerical IP), if you can get telus to give your IP a PTR not under the hsia domain, you escape my filter. But the burden of that is on you, not me. Or, you can relay your outbound mail through telus SMTP gateway which we don't block, or some IP not on subscriber nets. There are millions available with the tiniest effort.

btw, I see your web server is not on hsia:

# dig -x 64.69.91.201

; <<>> DiG 9.2.1 <<>> -x 64.69.91.201
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43514
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

;; QUESTION SECTION:
;201.91.69.64.in-addr.arpa. IN PTR

;; ANSWER SECTION:
201.91.69.64.in-addr.arpa. 10000 IN PTR beefcake.intouch.ca.

So, relay your outbound through beefcake (hmm, maybe not, beefcake is too similar to spam) :))

> They were helpful, if slightly incredulous as to your
>spam prevention methods.

If you give me a serious, responsible contact at telus, I can provide the contact with many MB of zipped log files documenting abuse from hsia.telus.net IPs. But frankly, telus wasn't started up over this last weekend, so they have been allowing voluminous abuse for a long time. I really don't expect them to change. The only immediate solution is to block hsia.telus.net en masse.

btw, feel free to copy this msg to anybody you want. I've copied my response to a small, private, members-only list that I run.

Best regards,
Len
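
The policy described in this message (decide at RCPT TO from the 4tuple, blocking by PTR hostname suffix rather than by numerical IP), sketched as an added example that is not part of the original message and not the sender's actual ruleset. The suffix list, function names, reply texts and the sample hosts other than 64.69.91.201 / beefcake.intouch.ca are assumptions; PTR lookup results are passed in so the code runs offline.

```python
import ipaddress

# Assumption: illustrative list. The message mentions 350+ subscriber PTR
# domains but names only hsia.telus.net.
BLOCKED_PTR_SUFFIXES = ("hsia.telus.net",)

def reverse_name(ip):
    """Name queried by `dig -x`, e.g. 201.91.69.64.in-addr.arpa."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def ptr_blocked(ptr, suffixes=BLOCKED_PTR_SUFFIXES):
    """Return the matching blocked suffix, or None.

    Compares whole DNS labels, case-insensitively and ignoring the trailing
    root dot, so 'x.nothsia.telus.net' does not match 'hsia.telus.net' the
    way a plain str.endswith() test would.
    """
    labels = ptr.rstrip(".").lower().split(".")
    for suffix in suffixes:
        want = suffix.rstrip(".").lower().split(".")
        if len(labels) >= len(want) and labels[-len(want):] == want:
            return suffix
    return None

def rcpt_decision(mta_ip, ptr, helo, mail_from, rcpt_to):
    """SMTP reply to send at the RCPT TO stage, before any DATA is accepted.

    Returns (code, text, log_line). Assumption: a host with no PTR record
    (ptr=None) is not matched by this rule and falls through to other checks.
    """
    log = f"ip={mta_ip} ptr={ptr} helo={helo} from=<{mail_from}> to=<{rcpt_to}>"
    hit = ptr_blocked(ptr) if ptr else None
    if hit:
        text = (f"5.7.1 mail from {hit} hosts is not accepted here; "
                "relay through your provider's SMTP gateway")
        return 550, text, "REJECT " + log
    return 250, "2.1.5 Ok", "PASS " + log

if __name__ == "__main__":
    # Constructed 4tuples; 192.0.2.0/24 is a documentation range.
    samples = [
        ("192.0.2.10", "host10.hsia.telus.net.", "mail.example.org",
         "a@example.org", "len@example.net"),
        ("64.69.91.201", "beefcake.intouch.ca.", "beefcake.intouch.ca",
         "a@example.org", "len@example.net"),
    ]
    for s in samples:
        print(reverse_name(s[0]), *rcpt_decision(*s)[::2])
```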
