It truly is a wonder that Comcast doesn't apply DOCSIS config file filters on their consumer accounts, leaving just the IPs of their email servers open. Yes, it would take an education campaign on their part for all the consumers that do use alternate SMTP servers, but imagine how much work it would save their abuse department in the long run. Frank -----Original Message----- From: Frank Bulk Sent: Wednesday, April 11, 2007 5:10 PM To: 'nanog@merit.edu' Subject: Re: Abuse procedures... Reality Checks On Tue, Apr 10, 2007 at 07:44:59AM -0500, Frank Bulk wrote:
Comcast is known to emit lots of abuse -- are you blocking all their networks today?
All? No. But I shouldn't find it necessary to block ANY, and wouldn't, if Comcast wasn't so appallingly negligent. ( I'm blocking huge swaths of Comcast space from port 25. This shouldn't really surprise anyone; Comcast runs what may well be the most prolific spam-spewing network in the world. I saw attempts from 80,000+ distinct IP addresses during January 2007 alone -- to a *test* mail server. I should have seen zero. The mitigation techniques for making that happen are well-known, have been well-known for years, and can be implemented easily by any competent organization.) This, by the way, should not be taken as indicative of either what I've done in the past or may do in the future. Nor should it be taken as indicative of what decisions I've made in re other networks. ---Rsk