"KD" == Karl Denninger <karl@Mcs.Net> writes:
KD> or a 421 error, which keeps the spam at the source (loading the KD> spammers mailserver -- a GOOD thing!) Are you joking? There's not a spammer alive that uses sendmail or something that would similiarly requeue on temporary failure. KD> Much more elegant, in my opinion. Assuming that 'sendspam' would actually maintain a queue. Paul's solution has its own elegance: raising the price for allowing antisocial behavior from bounced email to partial loss of connectivity. But like Paul said, raising the stakes like that just invites someone to try and one up him. -- Daniel Simms There is more than one way to burn a book. dsimms@alink.net And the world is full of people running (408) 720-6161 about with lit matches. -Ray Bradbury
On 19 Feb 1997 21:55:30 -0800, you wrote:
"KD" == Karl Denninger <karl@Mcs.Net> writes:
KD> or a 421 error, which keeps the spam at the source (loading the KD> spammers mailserver -- a GOOD thing!)
Are you joking? There's not a spammer alive that uses sendmail or something that would similiarly requeue on temporary failure.
KD> Much more elegant, in my opinion.
Assuming that 'sendspam' would actually maintain a queue.
Paul's solution has its own elegance: raising the price for allowing antisocial behavior from bounced email to partial loss of connectivity. But like Paul said, raising the stakes like that just invites someone to try and one up him.
What's so elegant about that if a spammer with elementary knowledge about SMTP and DNS can easily bounce his stuff off of any of the thousands of unsuspecting hosts and/or use unsuspecting forwarding name servers in the slave mode?
Daniel Simms There is more than one way to burn a book.
Dima
What's so elegant about that if a spammer with elementary knowledge about SMTP and DNS can easily bounce his stuff off of any of the thousands of unsuspecting hosts and/or use unsuspecting forwarding name servers in the slave mode?
http://www.sendmail.org/antispam/ has the answer to that. As we find these servers (which means: as they are used as unintended relays for the forwarding of spam) we educate their owners and they upgrade. Or they get blocked during spam episodes, which process will shortly become automatic. eBGP converges quickly enough that I can inject a /32 and have it in 4 countries in less than a minute. They rotate phaser frequencies, we rotate shield frequencies. And while the war of escalation goes on, providers are educated -- and that's the real goal, so no matter who's "winning" at the moment, *I* am winning.
On Thu, 20 Feb 1997, Paul A Vixie wrote:
http://www.sendmail.org/antispam/ has the answer to that. As we find
Actually, FYR http://www.sendmail.org/antispam.html Thanks, --Jim
In the last two weeks or so I got spammed from SPRY/Compuserve at lest half-a-dozen times. You don't seem to be blocking them, do you? Dima Paul A Vixie writes:
What's so elegant about that if a spammer with elementary knowledge about SMTP and DNS can easily bounce his stuff off of any of the thousands of unsuspecting hosts and/or use unsuspecting forwarding name servers in the slave mode?
http://www.sendmail.org/antispam/ has the answer to that. As we find these servers (which means: as they are used as unintended relays for the forwarding of spam) we educate their owners and they upgrade. Or they get blocked during spam episodes, which process will shortly become automatic. eBGP converges quickly enough that I can inject a /32 and have it in 4 countries in less than a minute.
They rotate phaser frequencies, we rotate shield frequencies. And while the war of escalation goes on, providers are educated -- and that's the real goal, so no matter who's "winning" at the moment, *I* am winning.
In the last two weeks or so I got spammed from SPRY/Compuserve at lest half-a-dozen times. You don't seem to be blocking them, do you?
No. But I do block the /32's used by spammers to relay mail through Prodigy. I have not personally been spammed via Compuserve recently, and moreover they have been very active in getting their Sendmail upgraded to make this kind of unintended relay service stop. I don't have a hair trigger on this gun -- it takes quite a while for me to decide that someone can't/won't come around on their own. And when I block things I do it with as long a prefix as possible, since I am not trying to penalize anybody and I want all "cooperative" portions of the net to reach me. Thanks for asking, even though your implicatory tone is very damaging to you.
Paul A Vixie writes:
I don't have a hair trigger on this gun -- it takes quite a while for me to decide that someone can't/won't come around on their own. And when I block things I do it with as long a prefix as possible, since I am not trying to penalize anybody and I want all "cooperative" portions of the net to reach me.
What does it take to get removed from the list? Is there some kind of an appeal process? Anyway, if the access to f.root-servers.net is not blocked to anyone, then the whole discussion has come to its end, I guess.
Thanks for asking, even though your implicatory tone is very damaging to you. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ What is that supposed to mean?
Dima
What does it take to get removed from the list? Is there some kind of an appeal process?
All someone has to do is call me and talk to me about why they were blocked and tell me what arrangements they've made to kill off their local spammers and fix their AUP and make sure they won't be used as a mail relay for non- local mail. It's quite simple, actually, and it happens a couple of times per week. The lawsuit threats I receive tend to stretch the process out a bit. An actual lawsuit would probably stretch things out a LOT. I'll let y'all know when someone finally makes good on one of their threats.
Anyway, if the access to f.root-servers.net is not blocked to anyone, then the whole discussion has come to its end, I guess.
It is for now, I'm assembling the hardware and IP addresses needed to slide it onto its own subnet. By next week, F should be outside the blackhole's sphere of influence.
..., even though your implicatory tone is very damaging to you. ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ What is that supposed to mean?
I will point it out and explain it in detail next time it happens.
participants (5)
-
Daniel Simms
-
Dima Volodin
-
dvv@dvv.ru
-
Jim Radford
-
Paul A Vixie