John Rudd wrote:
On Nov 28, 2004, at 9:00 AM, Bob Amen wrote:
It's very depressing and getting worse, according to my mail servers' statistics.
Hm. My mail servers' stats say it's getting better. For example, at home, I think I've only actually seen 1 spam message in the last month. I think 4 or 5 more got caught by spam assassin. And the rest are all filtered out by an aggressive greet delay, connection rate control, and spamhaus. At work, in the last month, we've cut our spam rates by about 90%.
I was writing about the statistics *before* reaching our user's mail boxes. As far as our user's are concerned, we're doing quite well, thanks to the various methods that we employ to stop spam. My statistics show that the attempts to deliver spam has increased dramatically in the last six months (as it did the six months prior to that, etc.). And you said "an aggressive greet delay." I tried that and found too many false positives with legitimate mail servers that are poorly configured. The only recourse for those false positives is another means of communication (eg. telephone). So who's being irresponsible?
Don't blame me and the other mail server admins if you can't get mail to our systems because you are sending from a machine on a DSL modem. Blame the spammers and those that buy from them!
Sorry, but that's a complete cop-out BS statement. The culpability of those who support spam is not a magic pardon for all anti-spam ends to justify their means.
That's not what I was saying. The fact that spammers have compromised so many systems at the end of DSL and cable modems has meant that we need to take some rather drastic measures. I wish it weren't so. I was saying that because of this situation, people must send mail through their ISPs mail server or find an ISP that maintains separate IP space for their fixed IP and responsible customers. Don't blame me for that situation as I did not create it.
You are precisely and exactly responsible for the accuracy and inaccuracy of the tools you use on your servers which may reduce spam OR interrupt legitimate communications. The actions of others (the spammers) do not excuse/absolve your actions. Show some spinal column and take responsibility for voluntarily choosing to use tools that have non-zero false positive rates.
I do absolutely do take responsibility for false positive rates. If you had read my posting you would known that I got 4-5 false positives in *six months* while rejecting 110,000 messages *per day*, thanks to SORBS. You would call that a poor false positive rate? I chose only those SORBS DNSBLs that have a vanishingly low false positive rate. I am supported in my choices by my management and users, many of whom wish I would be more aggressive.
Each one of those false positives was addressed with an exception list that I maintain. And I encouraged the senders to use their ISPs mail servers to send mail. People that send mail to us and have it rejected can always send mail to postmaster. Their message will get through and I will address their problem. I operate our mail servers in a responsible manner for the benefit of our business and our employees.
I take offense to your "spinal column" and BS statements. I am not passing the buck but placing blame for the situation where it belongs...on the spammers and their paying customers (and BTW the ISPs that make money off them).
--
Bob Amen
O'Reilly Media, Inc.
http://www.ora.com/
http://www.oreilly.com/