That's the point. If the origination is a dialup it's either a spammer, a
zombie or some person not following their ISP AUP. Spammers not zombies use
the ISP SMTP server. As such, we allow those.
Relay everything to the ISP and your good. Even SBC allows that. Some
Earthlink dialup's ranges require you to use their outgoing SMTP as they
intentionally block outgoing SMTP. I learned that after spending 30 minutes
trying to configure my mom's email one night to send through one of my servers.
I couldn't telnet to the server on port 25 but I could ping it. The ISP tech
support says (which others including myself have already said) to use the
Earthlink server. Earthlink's explanation was simlpe. Most of the viruses
don't use relays so they were protecting the net from virus based emails.
To the original author of this thread, you should call your ISP and see what
they say.
BTW, people running zombies tend to take months to find out that they have a
virus, by which time they have already dialed the net 2 donzen times polluting
the whole range of IP's.
on 2/5/2004 we rejected 11421 emails based on IP's because they we're RBL'ed.
I'll almost best 99.9% of them were actually spammers. Most of them were
dialup's. Here's a snapshot of why I use RBL's...
Feb 5 04:00:29 vjo-lxutil-06 postfix/smtpd[18962]: 261042071D1: reject: RCPT
from unknown[218.64.164.117]: 554 Service unavailable; Client host
[218.64.164.117] blocked using bl.spamcop.net; Blocked - see
http://www.spamcop.net/bl.shtml?218.64.164.117; from=<[EMAIL PROTECTED]>
to=<removed...> proto=ESMTP helo=<cfs.nrcan.gc.ca>
from spamcop.net
Since SpamCop started counting, this system has been reported about 740 times
by about 150 users. It has been sending mail consistently for at least 30.8
days. In the past 30.1 days, it has been listed 5 times for a total of 26.5
days
In the past week, this system has:
* Been reported as a source of spam about 10 times
* Been detected sending mail to spam traps
* Been witnessed sending mail about 420 times
Other hosts in this "neighborhood" with spam reports:
* 218.64.164.30
* 218.64.164.78
* 218.64.164.103
* 218.64.164.104
* 218.64.164.107
* 218.64.164.197
Gary Smith
-----Original Message-----
From: Mattias Ahnberg [mailto:[EMAIL PROTECTED]
Sent: Fri 2/6/2004 9:51 AM
To: [EMAIL PROTECTED]
Cc:
Subject: Re: Lost of FPs because of IPs listed in DUL + "open Proxy"
>> "JB" == Jens Benecke <[EMAIL PROTECTED]> writes:
JB> I'm complaining about DUL IPs being stuck in "open relay" lists
JB> FOR MONTHS, although it only hurts legitimate customers: the
JB> spammer just hangs up, dials in again, gets a new IP and goes on
JB> spamming, once his IP is listed.
Personally I believe that a lot of the dialup IPs that spam are just
used without their owners knowledge by being infected by a trojan that
lets someone else relay through them. I have a hard time believing
that the ratio of this compared to people who intentionally spam from
their own dialup account (or someone elses abused account ofcourse) is
very high.
But still, the problem is the same. :)
/ahnberg.
