I don't think they had blocked mail coming/going from yahoo.com/google.com which would have been more careless to their subscribers (especially when our outbound units were processing a few million emails a day from our customers). They blocked the domains so you couldn't have a link to google/yahoo in the body and then set that as an update for all of their devices. I believe it was something about a URL redirect on each site that spammers were using..but this was a several years ago so I don't recall exactly. -r -----Original Message----- From: Jon Lewis [mailto:jlewis@lewis.org] Sent: Monday, April 11, 2011 7:56 AM To: Ray Corbin Cc: nanog@nanog.org Subject: RE: Barracuda Networks is at it again: Any Suggestions as to an Alternative? On Mon, 11 Apr 2011, Ray Corbin wrote:
<rant>I had experience with Barracuda as outbound anti-spam filters for a very large hosting provider and I won't use Barracuda again. Some of their methods for blocking spam are a tad extreme. At one point they decided to block both yahoo.com and google.com in their domain filters because neither company responded timely to their complaint emails and wanted their attention.
Those both have pretty poor reputations for handling outgoing spam and other abuse issues. Yahoo is notorious for the "the message in your complaint did not come from our servers" response, when any idiot who can read headers can see that it clearly did come from their servers. They've gone a step beyond this recently by refusing to accept spam complaints to abuse@yahoo.com unless they're in ARF format. That raises the bar high enough that unless you have the skills to easily turn yahoo spam into ARF-compliant reports, you can no longer send them complaints when you receive spam from their servers. Google (gmail.com) is the only free-mail provider I'm aware of that hides the spammer's originating IP. All sorts of abuses seem to be tolerated there for much longer spans of time than you'd think it would take "the brightest of the brightest" to lock things down. i.e. URL redirectors used by spammers for months, phishing collectors reported to Google security, and nothing apparently done about them. Sometimes, the only way to get an appropriate reaction from an org that just doesn't seem to care about its abuse issues is to make those abuse issues cause them some pain. ---------------------------------------------------------------------- Jon Lewis, MCP :) | I route Senior Network Engineer | therefore you are Atlantic Net | _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________