On Sun, 2 May 2004 06:31:37 +0200, you wrote: >----- Original Message ----- >From: "Michael W.Cocke" >> On Sat, 1 May 2004 16:02:30 +0200, you wrote: >> John Fawcett wrote: >> >Can you give an example of an ISP in this situation? >> >> Believe it or not, AT&T business DSL doesn't offer mail services (or >> DNS service) unless you spring for the 5 IP address plan - which costs >> $50.00 per month more than the single IP plan that I use. I would >> have to use their webmail system if I wanted to use their mail server. >> Not going to happen. >> >I doubt that they expect the users to choose to run mail servers in >these circumstances. > >Things could get worse. They could, as other ISPs have done, block port >25 outbound, inbound or both, if they really wanted to push people to >choosing >a different solution. > >> >In reality it isn't as stupid as it appears to you. Dynamic IPs change >> >"ownership" every time a new connection is made. There is an issue of >> >responsability. If spam arises from a dynamic ip how do you find out >> >who sent it? Not all ISPs keep or are interested in looking up >> >logs of dynamic ip assignments to progress spam reports. Not >> >accepting mail from dynamic ranges is remarkably effective at >> >stopping spam amongst other things. >> >> I agree that the dynamic IP issue is sticky - but that's what content >> filters are for, IMHO. No one in their right mind is going to pump >> 5000 emails out on a dialup line. Cable modems... hmmmm... I don't >> have a good answer. >> >There are apparently still many uses for dialup lines by spammers. >They can offload small message volumes onto hijacked open >proxies, open relays or trojaned machines and then let these >machines do the address expansion and bandwidth intensive work. >Also spammers may use dual homed situations of a dialup line >and broadband in conjunction. I can't remember how that works >exactly, but the idea is that if they get kicked for spamming, they >just lose the dialup account since the mail appears to come >from there, whereas in reality they have been pumping it >across a broadband connection. > >Blocking dynamic ip ranges is effective in these cases. >I see spam coming from dynamic ips, else I wouldn't block them. >There is no point in passing it to a content filter if I'm already >convinced it is spam. The resource intensive content filtering >can be kept for less obvious analysis. However, content >filters may also mark messages from dynamic ips as spam. > >If someone was trying to send me mail and was being blocked >by a dnsrbl list I was using, I would whitelist them since the >purpose of the lists is to keep out spam not legitimate email. >Problem: in the case of a dynamic ip what ip do I whitelist? > >John
Hmmm. Didn't know that. Well, I suppose blocking dynamic IP addresses makes sense then, although I still think a better answer is to put content filtering in place at the ISP level. I really dislike the idea of assuming that a mail server is a spammer until proven otherwise. Strikes me as an Ashcroft solution. "Guilty until shot escaping". Mike- -- If you're not confused, you're not trying hard enough. -- Please note - Due to the intense volume of spam, we have installed site-wide spam filters at catherders.com. If email from you bounces, try non-HTML, non-encoded, non-attachments,
