Response from Cyber Promotions (fwd)
Read the msg below from Cyberpromo. It is valid for ISPs to block at the router level as well as the sendmail level as per Cyberpromo's mail. I figured some people here may be interested in this. :-) Hank Nussbacher ---------- Forwarded message ---------- Date: Sun, 20 Apr 1997 18:11:33 -0400 (EDT) From: Mail AutoResponder <abuse@c-y-b-e-r-p-r-o-m-o.com> Subject: Response from Cyber Promotions ----------------------------Original message---------------------------- Dear Sir/Madam, Thank you for taking the time to write to Cyber Promotions with your concerns. Please be aware that this mailbox (abuse@cyberpromo.com) is read by many people in our company, including our senior management. The fact that your message garners e-mail from an auto-responder is to insure a timely response. It should not be an indication of a lack of consideration or concern. CYBER PROMOTIONS' POSITION ON ACCEPTABLE USE POLICY FOR INTERNET CONTENT Cyber provides email services to a large number of customers, whom are supporting thousands of end users. It is our position that the Internet is an open marketplace, where commerce of any and all kinds may take place in accordance with public demand. We do not believe censorship is the responsibility of an Internet service provider. It is not our place to censor customers' content or legitimate business practices. Messages originating from customer sites reflect the opinions of our customers and not necessarily those of Cyber Promotions. SUGGESTIONS Cyber is a pro-active organization with goals of delivering the highest quality email solutions. Since we believe in continuous improvement, we will re-evaluate our position in light of the any new regulatory developments. We appreciate that our position may not be agreeable to everyone. Further, we understand your interest in seeking a solution. With that in mind, may we suggest the following options: - END-USERs - A variety of e-mail and filtering software packages are available on the Internet for end-users. For example, Eudora and procmail offer sufficient protection from e-mail of your undesired Internet sites. Or you can use the latest in filtering software, e-Filter, sold on Cyber's own web page at... http://www.cyberpromo.com - ISPs - Your mail servers and/or router systems can be set to reject incoming spam or filter out offensive sites at the IP level. Sendmail and ccmail are a few examples of good systems which perform these functions. Again, we would like to thank you for your valuable input, and wish you continued success in your Internet experience. Best Regards, The Cyber Promotions Staff (Many of Cyber's policies regarding these issues have been adopted from our own backbone providers.)
This will not work if you have an off-site MX or you have an off-site MX that doesn't have the same packet filtering rules that you do. It will time out to the first MX, and deliver to the next. If that next MX is off-site, it will be delivered there and you will just get the spam via that route.. :/ It's best done with sendmail rules, I suppose.
Read the msg below from Cyberpromo. It is valid for ISPs to block at the router level as well as the sendmail level as per Cyberpromo's mail. I figured some people here may be interested in this. :-)
Hank Nussbacher
---------- Forwarded message ---------- Date: Sun, 20 Apr 1997 18:11:33 -0400 (EDT) From: Mail AutoResponder <abuse@c-y-b-e-r-p-r-o-m-o.com> Subject: Response from Cyber Promotions
----------------------------Original message---------------------------- Dear Sir/Madam,
Thank you for taking the time to write to Cyber Promotions with your concerns.
Please be aware that this mailbox (abuse@cyberpromo.com) is read by many people in our company, including our senior management. The fact that your message garners e-mail from an auto-responder is to insure a timely response. It should not be an indication of a lack of consideration or concern.
CYBER PROMOTIONS' POSITION ON ACCEPTABLE USE POLICY FOR INTERNET CONTENT Cyber provides email services to a large number of customers, whom are supporting thousands of end users.
It is our position that the Internet is an open marketplace, where commerce of any and all kinds may take place in accordance with public demand. We do not believe censorship is the responsibility of an Internet service provider. It is not our place to censor customers' content or legitimate business practices. Messages originating from customer sites reflect the opinions of our customers and not necessarily those of Cyber Promotions.
SUGGESTIONS Cyber is a pro-active organization with goals of delivering the highest quality email solutions. Since we believe in continuous improvement, we will re-evaluate our position in light of the any new regulatory developments.
We appreciate that our position may not be agreeable to everyone. Further, we understand your interest in seeking a solution. With that in mind, may we suggest the following options:
- END-USERs - A variety of e-mail and filtering software packages are available on the Internet for end-users. For example, Eudora and procmail offer sufficient protection from e-mail of your undesired Internet sites. Or you can use the latest in filtering software, e-Filter, sold on Cyber's own web page at... http://www.cyberpromo.com
- ISPs - Your mail servers and/or router systems can be set to reject incoming spam or filter out offensive sites at the IP level. Sendmail and ccmail are a few examples of good systems which perform these functions.
Again, we would like to thank you for your valuable input, and wish you continued success in your Internet experience.
Best Regards,
The Cyber Promotions Staff
(Many of Cyber's policies regarding these issues have been adopted from our own backbone providers.)
-- jamie g.k. rishaw <jamie@iagnet.net> - Internet Access Group [www.iagnet.net] - Cleveland-Pittsburgh-Detroit-Columbus-Akron-Toledo-Cincinnatti-Dayton - Corp: (800) 637 4IAG / (216) 623 3565. DID: (216) 902 5455. FAX (216) 623 3566. Personal: jamie@@arpa.com || jamie@@null.net (Remove second @, nonspammers) =)
Read the msg below from Cyberpromo. It is valid for ISPs to block at the router level as well as the sendmail level as per Cyberpromo's mail. I figured some people here may be interested in this. :-)
Hank Nussbacher
This will not work if you have an off-site MX or you have an off-site MX that doesn't have the same packet filtering rules that you do.
It will time out to the first MX, and deliver to the next. If that next MX is off-site, it will be delivered there and you will just get the spam via that route.. :/
It's best done with sendmail rules, I suppose.
jamie g.k. rishaw <jamie@iagnet.net> - Internet Access Group [www.iagnet.net] - Cleveland-Pittsburgh-Detroit-Columbus-Akron-Toledo-Cincinnatti-Dayton - Corp: (800) 637 4IAG / (216) 623 3565. DID: (216) 902 5455. FAX (216) 623 3566. Personal: jamie@@arpa.com || jamie@@null.net (Remove second @, nonspammers) =)
But most of the bulk spammer programs out there don't follow MX records. They blast directly into the sendmail port of the primary machine, and if they can't do that, they leave it at that and move on.. Blocking spam sites directly at the sendmail level (with tcp_wrappers), does effectively block out bad domains.
On Mon, 21 Apr 1997, Doug McIntyre wrote:
But most of the bulk spammer programs out there don't follow MX records. They blast directly into the sendmail port of the primary machine, and if they can't do that, they leave it at that and move on.. Blocking spam sites directly at the sendmail level (with tcp_wrappers), does effectively block out bad domains.
You sure about not following MX'? There is a machine, 'isi.net', but it doesn't accept mail, and there's an MX pointing to out real mail machine, yet we constantly get spam :-) Otherwise everyone would've used this trick to avoid spam :) Some of the sendmail rules listed at http://spam.abuse.net/spam/, like the one that forces the MAIL FROM line to actually resolve, would probably block a lot of spam, too. But I was wondering if this requires the address to have an A record, or will an MX suffice; I know lots of people that send as "user@domain.com" where domain.com is an MX only... I'm just not familiar enough with sendmail rules to know how it works ;-) If Cyberpromo were really trying to *cough* help, they would set all the reply-to's in the spams to "abuse@cyberpromo.com" ;-) yeah... right... -Taner -- D. Taner Halicioglu taner@isi.net Programmer/Engineer/Sysadmin Internet Systems, Inc. Voice: +1 408 543 0313 Fax: +1 408 541 9878 PGP Fingerprint: 65 0D 03 A8 26 21 6D B8 23 3A D6 67 23 6E C0 36
On Mon, 21 Apr 1997, Hank Nussbacher wrote: And, now take a look at AGIS's abuse response. It's funny that AGIS and Cyberpromo's responses are exactly the same thing, with "AGIS" instead of "Cyberpromo". The rest of the mail contains the same suggestions... AGIS also has another interesting way of handling spam complaints: 220 agis.net ESMTP Sendmail 8.8.5/8.8.5; Mon, 21 Apr 1997 13:14:13 -0400 (EDT) MAIL FROM: <root@quad.quadrunner.com> 471 <root@quad.quadrunner.com>... We don't accept junk mail. - AHH3 I've conveniently blocked cyberpromo's blocks. My upstream provider is currently considering globally blocking cyberpromo. I am in the process of determining the impact of blocking _4200_.
Dear Sir/Madam,
Thank you for taking the time to write to AGIS with your concerns.
Please be aware that this mailbox (abuse@agis.net) is read by our entire company, including our senior management. The fact that your message garners e-mail from an auto-responder is to insure a timely response. It should not be an indication of a lack of consideration or concern.
AGIS' POSITION ON ACCEPTABLE USE POLICY FOR INTERNET CONTENT AGIS provides Internet connectivity to a large number of customers, whom are supporting millions of end users. As a global service provider, we provide circuits for Internet backbone connectivity. We do not offer connectivity directly to end-users.
[......]
==>Read the msg below from Cyberpromo. It is valid for ISPs to block at the ==>router level as well as the sendmail level as per Cyberpromo's mail. I ==>figured some people here may be interested in this. :-) ==> ==>Date: Sun, 20 Apr 1997 18:11:33 -0400 (EDT) ==>From: Mail AutoResponder <abuse@c-y-b-e-r-p-r-o-m-o.com> ==>Subject: Response from Cyber Promotions ==> ==> ==>----------------------------Original message---------------------------- ==>Dear Sir/Madam, ==> ==>Thank you for taking the time to write to Cyber Promotions with your concerns. ==> ==>Please be aware that this mailbox (abuse@cyberpromo.com) is read by many ==>people in our company, including our senior management. The fact that your ==>message garners e-mail from an auto-responder is to insure a timely response. ==>It should not be an indication of a lack of consideration or concern. ==> ==>CYBER PROMOTIONS' POSITION ON ACCEPTABLE USE POLICY FOR INTERNET CONTENT ==>Cyber provides email services to a large number of customers, whom ==>are supporting thousands of end users. /cah
On Mon, 21 Apr 1997, Craig A. Huegen wrote: ==>I've conveniently blocked cyberpromo's blocks. My upstream provider is ==>currently considering globally blocking cyberpromo. I am in the process ==>of determining the impact of blocking _4200_. Ugh. That didn't come out right. My upstream provider is currently considering establishment of access-lists at their upstreams to block cyberpromo from reaching their network as well as their customers'. If I understand the way cyberpromo spam-central works, it would also prevent your customers from using cyberpromo services because you would not be able to send mail to their servers. /cah
220 agis.net ESMTP Sendmail 8.8.5/8.8.5; Mon, 21 Apr 1997 13:14:13 -0400 (EDT) MAIL FROM: <root@quad.quadrunner.com> 471 <root@quad.quadrunner.com>... We don't accept junk mail. - AHH3 ^^^
I'm becoming more and more convinced that it was not attacks AGIS was having problem with. It was (and is) AGIS's own, er, inadequacy.
/cah
Dima
On Mon, 21 Apr 1997, Hank Nussbacher wrote:
Read the msg below from Cyberpromo. It is valid for ISPs to block at the router level as well as the sendmail level as per Cyberpromo's mail. I figured some people here may be interested in this. :-)
[snip]
- END-USERs - A variety of e-mail and filtering software packages are available on the Internet for end-users. For example, Eudora and procmail offer sufficient protection from e-mail of your undesired Internet sites. Or you can use the latest in filtering software, e-Filter, sold on Cyber's own web page at... http://www.cyberpromo.com
Hold up. Just one second. Cyberpromotions is selling software to block their own spam? That's like the mob selling you protection insurace to protect you against the mob. Gee, sounds like they are trying to get money from both ends. Jordan -- Jordan Mendelson : www.wserv.com/~jordy/ Web Services, Inc. : www.wserv.com
At 03:56 PM 4/21/97 -0400, Jordan Mendelson wrote:
On Mon, 21 Apr 1997, Hank Nussbacher wrote:
Read the msg below from Cyberpromo. It is valid for ISPs to block at the router level as well as the sendmail level as per Cyberpromo's mail. I figured some people here may be interested in this. :-)
[snip]
- END-USERs - A variety of e-mail and filtering software packages are available on the Internet for end-users. For example, Eudora and procmail offer sufficient protection from e-mail of your undesired Internet sites. Or you can use the latest in filtering software, e-Filter, sold on Cyber's own web page at... http://www.cyberpromo.com
Hold up. Just one second.
Cyberpromotions is selling software to block their own spam? That's like the mob selling you protection insurace to protect you against the mob.
Gee, sounds like they are trying to get money from both ends.
I noticed this too... reminds me of Cincinatti Microwave, who made the Escort and Passport Radar detectors (among others). Their other line of business was making radar guns for the police... always seemed to me like one hell of a business. Every new feature (or frequency) they'd put into the police units meant they could sell a whole new round of detectors to the public (and probably new detector-detectors to the Canadian police). Daniel Senie mailto:dts@openroute.com Sr. Staff Engineer http://www.openroute.com/ OpenROUTE Networks, Inc. (a wholly owned subsidiary of Proteon, Inc.)
participants (8)
-
Craig A. Huegen
-
Daniel Senie
-
Doug McIntyre
-
dvv@dvv.ru
-
Hank Nussbacher
-
jamie@dilbert.iagnet.net
-
Jordan Mendelson
-
Taner Halicioglu