On Sun, 13 Apr 2008, Barry Shein wrote:
>
> For example, and it's only an example don't quibble the example,
> defining a list of return SMTP codes which are actually specific and
> meaningful like (let's assume they should be 5xx, maybe 7xx would be a
> better start? Policy failure codes)
> [..
On Thu, Apr 10, 2008 at 10:30 AM, Barry Shein <[EMAIL PROTECTED]> wrote:
>
>421 4.7.0 [TS01] Messages from MAILSERVERIP temporarily deferred due
> to user complaints - 4.16.55.1; see http://postmaster.yahoo.com/421-ts01.html
>
> (where MAILSERVERIP is one of our mail server ip addres
(all opinions below my own... comments are intended to address a
number of points made previously in this extended thread, by rick and
others)
are you saying you don't consider the sending ip address or the
envelope sender or the envelope recipient to be
a. useful for spam detection
b.
Folks,
Can we wrap the mail threads up or at least move them over to their
respective best-places like zorch, nsp-sec, spam-l, asrg, or
yet-another-favorite-list-for-spam-religion? We've gone far beyond
typical mass-mail operations.
Best Regards,
Marty
--
Martin Hannigan
> > You want to define standards? Let's define some standard for
> > establishing permission to mail. If we could solve the
> > permission problem, then the filtering wouldn't be such a
> > problem, because there wouldn't need to be as much (or maybe
> > even any). As a user, I want a way t
> Filtering stinks. It is resource-intensive, time-consuming,
> error-prone, and pretty much an example of something that is
> desperately flagging "the current e-mail system is failing."
Hear, hear!
> You want to define standards? Let's define some standard for
> establishing permission to
> if we got rid of or incapacitated the massive botnets that would be a
> trickle, manageable, and hardly be worth fussing about, particularly
> on an operational list.
this presumes non-inventive spammers, which i fear is not the case. but
it sure would be a good place to start :)
randy
On Sun, Apr 13, 2008 at 11:48:31PM -0400, Rich Kulawiec wrote:
> On Sun, Apr 13, 2008 at 08:04:12PM -0400, Barry Shein wrote:
> A number of things that are true, including:
>
> > I say the core problem in spam are the botnets capable of delivering
> > on the order of 100 billion msgs/day.
>
> Bu
> On Sun, Apr 13, 2008, Joe Greco wrote:
> > I believe this is functionally equivalent to the "block 25 and consider
> > SMTP dead" FUSSP.
> >
> > It's worth noting that each "newer" system is being systematically attacked
> > as well. It isn't really a solution, it's just changing problem platf
On Sun, Apr 13, 2008 at 08:04:12PM -0400, Barry Shein wrote:
A number of things that are true, including:
> I say the core problem in spam are the botnets capable of delivering
> on the order of 100 billion msgs/day.
But I say the core problem is deeper. Spam is merely a symptom of an
underlyi
1. They are not complaints as such. They are what AOL users click report spam on
2. They are sent in a standard format - http://www.mipassoc.org/arf/ -
and if you weed out the obvious (separate forwarding traffic out
through another IP, and ditto for bounce traffic), then you will find
that - for
On Sun, Apr 13, 2008, Joe Greco wrote:
> I believe this is functionally equivalent to the "block 25 and consider
> SMTP dead" FUSSP.
>
> It's worth noting that each "newer" system is being systematically attacked
> as well. It isn't really a solution, it's just changing problem platforms.
> The
On Mon, Apr 14, 2008, Simon Lyall wrote:
> That is not anything new. ICQ is 10 years old and IRC was common in the
> early 90s. I would guess plenty of people on this list use (and used back
> then) both to talk to their friends and team mates.
There's a difference here. In the 90's we used IRC
SL> Date: Mon, 14 Apr 2008 14:47:12 +1200 (NZST)
SL> From: Simon Lyall
SL> The question is what tool are people going to use to talk to people,
SL> government bodies and companies that they are not "friends" with?
SL> Even if the person you want to contact is on IM it is likely they
SL> will bloc
On Mon, 14 Apr 2008, Adrian Chadd wrote:
> There already has been a paradigm shift. University students ("college" for
> you
> 'merkins) use facebook, myspace (less now, thankfully!) and IMs as their
> primary online communication method. A number of students at my university
> use email purely b
AC> Date: Mon, 14 Apr 2008 10:18:40 +0800
AC> From: Adrian Chadd
AC> There already has been a paradigm shift. University students
AC> ("college" for you 'merkins) use facebook, myspace (less now,
AC> thankfully!) and IMs as their primary online communication method.
IOW: "Must establish trust O
> On Sun, Apr 13, 2008, Joe Greco wrote:
> > browsers such as Firefox and Thunderbird. But it is a LARGE paradigm
> > shift, and it doesn't even solve every problem with the e-mail system.
> >
> > I am unconvinced that there aren't smaller potential paradigm shifts that
> > could be made. Howev
On Sun, Apr 13, 2008, Joe Greco wrote:
> browsers such as Firefox and Thunderbird. But it is a LARGE paradigm
> shift, and it doesn't even solve every problem with the e-mail system.
>
> I am unconvinced that there aren't smaller potential paradigm shifts that
> could be made. However...
Ther
> Massive quoting gets old fast so I'll try to summarize and if I
> misrepresent your POV in any way my profuse apologies in advance.
>
> First and foremost let me say that if we had a vote here tomorrow on
> the spam problem I suspect you'd win but that's because most people,
> even (especially)
On Apr 13, 2008, at 2:24 PM, Joe Greco wrote:
For example, I feel very strongly that if a user signs up for a
list, and
then doesn't like it, it isn't the sender's fault, and the mail
isn't spam.
Now, if the user revokes permission to mail, and the sender keeps
sending,
that's covered as s
On Apr 13, 2008, at 5:04 PM, Barry Shein wrote:
Massive quoting gets old fast so I'll try to summarize and if I
misrepresent your POV in any way my profuse apologies in advance.
First and foremost let me say that if we had a vote here tomorrow on
the spam problem I suspect you'd win but that
[mailto:[EMAIL PROTECTED] On Behalf Of Dave Dennis
Sent: Sunday, April 13, 2008 7:16 PM
To: Geo.
Cc: nanog@merit.edu
Subject: Re: Problems sending mail to yahoo?
On Sun, 13 Apr 2008, Geo. wrote:
>
>
> > of abuse might be useful for large providers, but since we can't even
> &g
Massive quoting gets old fast so I'll try to summarize and if I
misrepresent your POV in any way my profuse apologies in advance.
First and foremost let me say that if we had a vote here tomorrow on
the spam problem I suspect you'd win but that's because most people,
even (especially) people who
FBi> Date: Sat, 12 Apr 2008 15:42:29 -0500
FBi> From: Frank Bulk - iNAME
FBi> Sounds like the obvious thing to tell customers complaining about
FBi> their e-mail not getting to Yahoo! is to tell them that Yahoo!
FBi> doesn't want it.
Obviously. That's when the client asked if their servers (per
On Sun, 13 Apr 2008, Geo. wrote:
>
>
> > of abuse might be useful for large providers, but since we can't even
> > get many domains even to set up the already-specified abuse@ address, much
> > less read the mail we send to it,
>
> When someone like AOL offloads their user complaints of spams to
At 04:41 PM 4/13/2008, Geo. wrote:
of abuse might be useful for large providers, but since we can't even
get many domains even to set up the already-specified abuse@
address, much less read the mail we send to it,
When someone like AOL offloads their user complaints of spams to all
the abuse
> On April 13, 2008 at 14:24 [EMAIL PROTECTED] (Joe Greco) wrote:
> > I would have thought it was obvious, but to see this sort of enlightened
> > ignorance(*) suggests that it isn't: The current methods of spam filtering
> > require a certain level of opaqueness.
>
> Indeed, that must be the
of abuse might be useful for large providers, but since we can't even
get many domains even to set up the already-specified abuse@ address, much
less read the mail we send to it,
When someone like AOL offloads their user complaints of spams to all the
abuse@ addresses instead of verifying t
On April 13, 2008 at 14:24 [EMAIL PROTECTED] (Joe Greco) wrote:
>
> I would have thought it was obvious, but to see this sort of enlightened
> ignorance(*) suggests that it isn't: The current methods of spam filtering
> require a certain level of opaqueness.
Indeed, that must be the proble
On April 13, 2008 at 15:17 [EMAIL PROTECTED] (Rob Szarka) wrote:
>
> At 02:18 PM 4/13/2008, Barry Shein wrote:
> >Is it [EMAIL PROTECTED] or [EMAIL PROTECTED] or [EMAIL PROTECTED] or
> >[EMAIL PROTECTED] (very commonly used) or [EMAIL PROTECTED] Who cares? But
> >let's pick ONE, stuff it in
> Gak, there isn't even a standard code which means MAILBOX FULL or
> ACCOUNT NOT RECEIVING MAIL other than MAILBOX FULL, maybe by choice,
> maybe non-payment, as specific as a site is comfortable with.
>
> That's what I mean by standards and at least trying to focus on what
> can be done rather
At 02:18 PM 4/13/2008, Barry Shein wrote:
Is it [EMAIL PROTECTED] or [EMAIL PROTECTED] or [EMAIL PROTECTED] or
[EMAIL PROTECTED] (very commonly used) or [EMAIL PROTECTED] Who cares? But
let's pick ONE, stuff it in an RFC or BCP and try to get each other to
conform to it.
[EMAIL PROTECTED] is *
I realize it's natural and predictable, when spam is mentioned, to
repeat the folklore...then the robots came and we were all driven
underground to survive...
However my point was something more in the realm of standards and
operations and what we can do rather than going back over what we
can't
Roger Marquis wrote:
>
> Sounds like the party line inside Yahoo, but there are plenty of ISPs that
> do a really good job of combating spam. They do it with standard tools
> like RBLs, Spamassassin, OCR, ClamAV and without ineffective diversions
> like SPF or DKIM.
>
Seen from inside, it i
On Sun, Apr 13, 2008 at 11:15 AM, Roger Marquis <[EMAIL PROTECTED]> wrote:
> Sounds like the party line inside Yahoo, but there are plenty of ISPs that
> do a really good job of combating spam. They do it with standard tools
> like RBLs, Spamassassin, OCR, ClamAV and without ineffective divers
Joe Greco wrote:
So it's a vast sea of security by obscurity and standards be damned.
It's a real and serious failure of the IETF et al.
...
Having nearly given up in disgust on trying to devise workable anti-spam
solutions that would reliably deliver requested/desired mail to my own
mailbox, I
> "dear coo/ceo/whomever: i want approval to send the five folk
> who go to nanog, and the five folk who go to maawg, and the
> five folk who go to first to *all* go to the new frobnitz
> joint conference."
>
> think that'll fly?
Why not? We already solved that problem for the five folk who g
44 PM
To: nanog@merit.edu
Subject: Re: Problems sending mail to yahoo?
JA> Date: Fri, 11 Apr 2008 10:22:11 -0400
JA> From: Joe Abley
JA> To return to the topic at hand, you may already have outsourced the
JA> coordination of your boycott to Yahoo!, too! They're already not
J
On Sat, Apr 12, 2008 at 09:36:43AM -0700, Matthew Petach wrote:
> *heh* And yet just last year, Yahoo was loudly dennounced for
> keeping logs that allowed the Chinese government to imprison
> political dissidents. Talk about damned if you do, damned if don't...
But those are very different kin
On 4/11/08, Raymond L. Corbin <[EMAIL PROTECTED]> wrote:
>
> It's not unusual to do /24 blocks, however Yahoo claims they do not keep any
> logs as to what causes the /24 block. If they kept logs and were able to tell
> us which IP address in the /24 sent abuse to their network we would then be
[ should this move to nanog-futures? well, it's a quiet saturday ]
> Collocation would be a useful idea - save airfare, hotel etc.
immensely difficult. the nanog sc could not even get the nanog
administrative structure to avoid a direct and damaging conflict with
afnog for the next meeting. i
On Sat, Apr 12, 2008 at 9:02 AM, Randy Bush <[EMAIL PROTECTED]> wrote:
> > Packet pushers go to *NOG. And the abuse desks mostly all go to
> > MAAWG. And any CERTs / security types the ISP has go to FIRST and
> > related events. And most of them never do coordinate internally, run
> > by di
Suresh Ramasubramanian wrote:
> On Sat, Apr 12, 2008 at 2:34 AM, Barry Shein <[EMAIL PROTECTED]>
> wrote:
>> The lesson one should get from all this is that the ultimate harm
>> of spammers et al is that they are succeeding in corrupting the
>> idea of a standards-based internet.
huh? i think th
On Sat, Apr 12, 2008 at 2:34 AM, Barry Shein <[EMAIL PROTECTED]> wrote:
> The lesson one should get from all this is that the ultimate harm of
> spammers et al is that they are succeeding in corrupting the idea of a
> standards-based internet.
The lesson here is that different groups at the sa
On Fri, Apr 11, 2008 at 8:37 PM, Raymond L. Corbin
<[EMAIL PROTECTED]> wrote:
> It's not unusual to do /24 blocks, however Yahoo claims they do not keep any
> logs as to what causes the /24
We keep quite detailed logs. No comment about yahoo - I've never been
at the other end of a /24 block from
> > The lesson one should get from all this is that the ultimate harm of
> > spammers et al is that they are succeeding in corrupting the idea of a
> > standards-based internet.
> >
> > Sites invent policies to try to survive in a deluge of spam and
> > implement those policies in software.
> >
> -Original Message-
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf
Of
> Barry Shein
> Sent: Friday, April 11, 2008 5:04 PM
> To: nanog@merit.edu
> Subject: Re: Problems sending mail to yahoo?
>
>
>
> The lesson one should get from all thi
The lesson one should get from all this is that the ultimate harm of
spammers et al is that they are succeeding in corrupting the idea of a
standards-based internet.
Sites invent policies to try to survive in a deluge of spam and
implement those policies in software.
Usually they're loathe to e
JA> Date: Fri, 11 Apr 2008 10:22:11 -0400
JA> From: Joe Abley
JA> To return to the topic at hand, you may already have outsourced the
JA> coordination of your boycott to Yahoo!, too! They're already not
JA> accepting your mail. There's no need to stop sending it! :-)
Except for queue management.
At 10:22 AM 4/11/2008, Joe Abley wrote:
It turns out that if Y! doesn't want to receive mail from me,
suddenly I can't send mail to anybody in my extended family, or to
most people I know in the town where I live. These involve domains
like ROGERS.COM and BTINTERNET.COM, and not just the o
At 10:33 AM 4/11/2008, you wrote:
I gave up sending abuse reports to Yahoo (and Hotmail) many years ago.
I gave up on Hotmail, too, though occasionally I try a sample to see
if they've improved. The latest came back with a message saying that
I had to resubmit my report to any entirely diffe
10, 2008 11:56 PM
To: Raymond L. Corbin
Cc: Chris Stone; nanog@merit.edu
Subject: /24 blocking by ISPs - Re: Problems sending mail to yahoo?
On Fri, Apr 11, 2008 at 1:22 AM, Raymond L. Corbin
<[EMAIL PROTECTED]> wrote:
>
> Yeah, but without them saying which IP's are causing t
On Thu, Apr 10, 2008 at 11:58:05PM -0400, Rob Szarka wrote:
> I report dozens of spams from my personal account alone every day and never
> receive anything other than automated messages claiming to have dealt with
> the same abuse that continues around the clock or, worse, bogus/clueless
> cla
On 10 Apr 2008, at 23:58 , Rob Szarka wrote:
At 02:23 PM 4/10/2008, you wrote:
Maybe we all should do the same to them until they quit spewing out
all the
Nigerian scams and the like that I've been seeing from their
servers lately!
If there were an coordinated boycott, I would particip
At 02:23 PM 4/10/2008, you wrote:
Maybe we all should do the same to them until they quit spewing out all the
Nigerian scams and the like that I've been seeing from their servers lately!
Chris
If there were an coordinated boycott, I would participate. Yahoo is
*by far* the worst single abuse
On Fri, Apr 11, 2008 at 1:22 AM, Raymond L. Corbin
<[EMAIL PROTECTED]> wrote:
>
> Yeah, but without them saying which IP's are causing the problems you can't
> really tell
> which servers in a datacenter are forwarding their spam/abusing Yahoo. Once
> the /24
> block is in place then they claim
HY> Date: Thu, 10 Apr 2008 16:17:08 -0400
HY> From: Henry Yen
HY> Naaah. I hear that Microsoft is going to buy Yahoo!, so this
HY> problem will go away once Yahoo! mail gets folded into Microsoft
HY> hotmail, whereupon things will get soo much better!
Maybe all the 42x responses are an atte
ailto:[EMAIL PROTECTED] On Behalf Of Henry Yen
Sent: Thursday, April 10, 2008 4:17 PM
To: nanog@merit.edu
Subject: Re: Problems sending mail to yahoo?
On Thu, Apr 10, 2008 at 12:23:24PM -0600, Chris Stone wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Matt Baldw
On Thu, Apr 10, 2008 at 01:30:06PM -0400, Barry Shein wrote:
> Is it just us or are there general problems with sending email to
> yahoo in the past few weeks?
It's not you. Lots of people are seeing this, as Yahoo's mail servers
are apparently too busy sending ever-increasing quantities of spa
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Raymond L. Corbin wrote:
> Yeah, but without them saying which IP's are causing the problems you can't
> really tell which servers in a datacenter are forwarding their spam/abusing
> Yahoo. Once the /24 block is in place then they claim to have no
ould at least keep logs
as to what caused them to escalate it to that not simply say 'it's your network
you figure it out..'
-Ray
-Original Message-
From: Chris Stone [mailto:[EMAIL PROTECTED]
Sent: Thursday, April 10, 2008 4:08 PM
To: Raymond L. Corbin
Cc: nanog@merit.
On Thu, Apr 10, 2008 at 12:23:24PM -0600, Chris Stone wrote:
>
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> Matt Baldwin wrote:
> > mostly. It feels like a poorly implemented spam prevention system.
> > Doing some Google searches will turn up some more background on the
> > issue. W
2008 3:33 PM
To: Raymond L. Corbin
Cc: nanog@merit.edu
Subject: Re: Problems sending mail to yahoo?
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Raymond L. Corbin wrote:
> Hello,
>
> I have had to tell some dedicated server clients that they will need to
> disable their forwards to
> Barry Shein wrote:
> > Is it just us or are there general problems with sending email to
> > yahoo in the past few weeks? Our queues to them are backed up though
> > they drain slowly.
> >
> > They frequently return:
> >
> >421 4.7.0 [TS01] Messages from MAILSERVERIP temporarily deferr
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Raymond L. Corbin wrote:
> Hello,
>
> I have had to tell some dedicated server clients that they will need to
> disable their forwards to Yahoo or add something like postini for those
> accounts that forward to Yahoo...It generally works...howeve
x27; or 'over loaded' they will accept the message.
(Paraphrased from conversations with their 'Bulk Mail Advocacies and Anti-Abuse
manager.)
-Ray
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Chris Stone
Sent: Thursday, April 10, 2008 1:49
FWIW:
I've been tempted to implement sort of a "reverse blacklisting". If an
(MX|provider) trips a 4xx threshold, have the local MTA s/4/5/ on emails
to the problem (MX|domain). If it trips a 5xx threshold, including
"upgraded" 4xx responses, simply refuse delivery altogether at the local
end.
BS> Date: Thu, 10 Apr 2008 13:30:06 -0400 (EDT)
BS> From: Barry Shein
BS> Is it just us or are there general problems with sending email to
BS> yahoo in the past few weeks? Our queues to them are backed up though
BS> they drain slowly.
[ snip details ]
BS> Just wondering if this was a widesprea
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Matt Baldwin wrote:
> mostly. It feels like a poorly implemented spam prevention system.
> Doing some Google searches will turn up some more background on the
> issue. We've been telling our users that Yahoo mail is problematic
> and if they can t
Is it just us or are there general problems with sending email to
yahoo in the past few weeks? Our queues to them are backed up though
they drain slowly.
I have ~3,000 messages (from today) stuck with this 421-ts01 problem.
Mostly it's our "campus mail bag" which is a digest that goes out
I work for an ISP that seems to have the same exact problem. We're not
even that large of an ISP, 5k customers maybe. We are not a SPAM haven
either.
We've tried to work with Yahoo! also and have gotten nowhere.
If you find anything out on how to deal with it, let me know.
I'll update you
On Thu, Apr 10, 2008 at 01:30:06PM -0400, Barry Shein wrote:
> Is it just us or are there general problems with sending email to
> yahoo in the past few weeks? Our queues to them are backed up though
> they drain slowly.
>
> They frequently return:
>
>421 4.7.0 [TS01] Messages from MAILS
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Barry Shein wrote:
> Is it just us or are there general problems with sending email to
> yahoo in the past few weeks? Our queues to them are backed up though
> they drain slowly.
>
> They frequently return:
>
>421 4.7.0 [TS01] Messages fro
73 matches
Mail list logo