My ISP has been "blacklisted"!

On Sun, 07 Dec 2003 15:31:45 -0600, James M. Knox wrote:

Dynamic IP's should never be blocked...

other way round. see DUL

only the next tier fixed IP (and
that with a degree of intelligence). But many of the poorer quality
black list services don't check. So... if someone has ever dialed in or
gotten the IP we are currently using and has sent spam over it, AND if
someone receiving that spam complained to the blacklisters... bingo.
That IP address is listed as a no-no.


So you are relaying mail via a dynamic IP? You deserve to be blacklisted
(i.e.: that dynamic IPs are blacklisted).

In general we will never know it (we get no bounce mail or anything) -
until enough customers call about why we ever sent them that report we
promised or whatever.

do what has to be done: relay through your ISPs MTA or get a static IP with
a correct PTR.

Then it's track down who their ISP is, and TRY to
find out what blacklisting service they are using, then TRY to get SBC
(who does NOT consider us a major account G) to send a note to the
blacklister...

Royal pain, and a cure as bad or worse than the disease.

IBTD

#m

--
http://www.declareyourself.com/fyr_candidates.php
http://www.subterrane.com/bush.shtml

Martin Hotze wrote in
news
So you are relaying mail via a dynamic IP? You deserve to be
blacklisted (i.e.: that dynamic IPs are blacklisted).

Nope... I'm not doing anything wrong, unless you count *inheriting* an IP
address that has been used by someone who was. Think of it like moving to
a new town and getting a telephone. The phone number the phone company
assigns you just happened previously to belong to the local taxi cab
company. {:(

I can (temporarily) fix the problem by disconnecting my DSL modem and
reconnecting it. This gives me a new IP address. The trouble is that it
will also sometimes give you a new address by itself (line testing, line
interruption, etc.). Usually the first indication I have of this (having
gotten a "bad" address) is calls from frustrated customers wondering where
that mail I was supposed to sent them is.

-----------------------------------------------
James M. Knox
TriSoft ph 512-385-0316
1109-A Shady Lane fax 512-366-4331
Austin, Tx 78721
-----------------------------------------------

In general we will never know it (we get no bounce mail or anything) -

If you're not getting a "bounce" there's something wrong with how you're
sending the email. Well...actually, that's less true today. I'll explain
why.

Once upon a time, the blocking tools ran at the server level. That is, the
mail server to which your mail server was trying to send the message would
reject it. The failed message would still be on your server, and it would
be your server's responsibility to send the "bounce".

However, users have - justifiably - become concerned about "false
positives". So the model has been changing. Instead of servers rejecting
email, the mail is now delivered but into a special folder. The user can
ignore this folder, scan it occasionally, delete it, or anything in
between.

Unfortunately, though, this means that the mail was accepted by the
destination server. This has a number of problems, but one of them is the
lack of an error message.

It's tempting for some to blame the users for this, in that they're the
proximate cause. However, the blame truly lies with the spammers. W/o
them, the problem simply wouldn't exist.

[...]
Royal pain, and a cure as bad or worse than the disease.

It is a pain, but most people disagree with your assessment. They'd rather
not be buried in spam. If you need to do some extra work as a result,
those people don't care.

It's just aother aspect of the cost-shifting nature of spam. The spammers
spam, and you pay the cost. That's part of why so many consider it
"theft".

- Andrew

In a previous article, "James M. Knox" said:
Martin Hotze wrote in
news
So you are relaying mail via a dynamic IP? You deserve to be
blacklisted (i.e.: that dynamic IPs are blacklisted).

Nope... I'm not doing anything wrong, unless you count *inheriting* an IP
address that has been used by someone who was. Think of it like moving to

Many ISPs are blocking all mail from ALL dynamic IPs. It doesn't matter
how many times you unplug your DSL modem and get a new IP, you're still
going to be on a dynamic IP, and therefore still be unable to send email
to AOL, RoadRunner, Juno, NetZero, Hotmail, etc. I've got a list of a few
hundred domains where I have to forward email through my ISP's mail
server, which I hate to do because they are slow and unreliable, unlike my
own postfix server.


--
Paul Tomblin http://xcski.com/blogs/pt/
I've never understood why women douse themselves with things that are alleged
to smell of roses/tulips/freesias. What exactly are they trying to attract?
Bees? -- Tanuki

In article , Jeff Franks wrote:
Both of these are "blacklists" that many mailservers use to try to prevent
spamming.

I don't like blacklists for flat rejecting mail. I prefer to use a spam
scoring system - the one I use is called SpamAssassin, and I have it
installed on the mail server for everyone who uses my system to get
email. SpamAssassin assigns scores for each spam indicator - it uses a
combination of its own rules, a Baysean filter, the DCC and the Spamhaus RBL.
Matching a single rule - for example, if your IP address is in the SBL,
won't mean you get put in the spamtrap. For the rules-based filter, you
must match a few rules. SpamAssassin is very effective - much better
than using an RBL alone.

Here's a few stats for my personal email address for how many spam
emails I get per day:

Sat Nov 29 01:00:43 UTC 2003
101
Sun Nov 30 01:00:51 UTC 2003
102
Mon Dec 1 01:00:35 UTC 2003
114
Tue Dec 2 01:00:45 UTC 2003
115
Wed Dec 3 01:00:11 UTC 2003
131
Thu Dec 4 01:00:09 UTC 2003
117
Fri Dec 5 01:00:09 UTC 2003
98
Sat Dec 6 01:00:10 UTC 2003
94
Sun Dec 7 01:01:14 UTC 2003
105
Mon Dec 8 01:00:13 UTC 2003
103

I get perhaps 3 or 4 actual emails from real people per day (excluding
mailing lists). The scale of spam makes me wonder if email is really
worth it any more, since I get two orders of magnitude more spam than
ham. I have to waste time configuring SA, my server has to waste CPU
cycles and disk space.

Then there's worms/viruses. My mail server is configured to point-blank
reject *all* Windows executables. During the recent Swen scourge, at one
point Exim was rejecting several copies of the worm per minute. The
mailserver literally had to reject gigabytes of Swen. Swen must have
brought some smaller ISPs to their knees - I was just processing mail
for a handful of users - just imagine the traffic for a couple of
thousand users!

Unfortunately, the MAPS RBL is not a solution - it's like a blunderbuss
- it's fairly indiscriminate and inaccurate: many false positives and
fairly ineffective blocking. I won't even use the MAPS RBL as a rule for
SpamAssassin.

--
Dylan Smith, Castletown, Isle of Man
Flying: http://www.dylansmith.net
Frontier Elite Universe: http://www.alioth.net
"Maintain thine airspeed, lest the ground come up and smite thee"

In a previous article, said:
On Mon, 8 Dec 2003 15:02:33 +0000 (UTC), Paul Tomblin wrote:
I've got a list of a few
hundred domains where I have to forward email through my ISP's mail
server, which I hate to do because they are slow and unreliable, unlike my
own postfix server.

So a static IP would solve the problem (given that the ISP has some clue
and has not also listed that range also in the dial up list)?

Yes, if they have a separate IP range for their static customers. If they
just give you an IP in the middle of their dynamic IP range, forget it.


--
Paul Tomblin http://xcski.com/blogs/pt/
http://www.pointlesswasteoftime.com/film/50reasons.html
"Apparently they made the beasts [Uruk Hai] by crossing Orcs, Goblins and
the French."

On Mon, 8 Dec 2003 15:02:33 +0000 (UTC), Paul Tomblin wrote:

I've got a list of a few
hundred domains where I have to forward email through my ISP's mail
server, which I hate to do because they are slow and unreliable, unlike my
own postfix server.

So a static IP would solve the problem (given that the ISP has some clue
and has not also listed that range also in the dial up list)?

#m
--
http://www.declareyourself.com/fyr_candidates.php
http://www.subterrane.com/bush.shtml

On Mon, 08 Dec 2003 16:59:30 -0000, Dylan Smith wrote:

The scale of spam makes me wonder if email is really
worth it any more, since I get two orders of magnitude more spam than
ham.


For those wondering about the name 'SPAM':
http://www.detritus.org/spam/skit.html

and to come to an end on this thread: Jay, is your question somehow
answered? *hehe*

#m

--
http://www.declareyourself.com/fyr_candidates.php
http://www.subterrane.com/bush.shtml

On Mon, 8 Dec 2003 19:11:19 +0000 (UTC), Paul Tomblin wrote:

So a static IP would solve the problem (given that the ISP has some clue
and has not also listed that range also in the dial up list)?

Yes, if they have a separate IP range for their static customers. If they
just give you an IP in the middle of their dynamic IP range, forget it.

I wrote: "given that the ISP has some clue"

:-)

#m
--
http://www.declareyourself.com/fyr_candidates.php
http://www.subterrane.com/bush.shtml

"G.R. Patterson III" wrote in message
...


Paul Tomblin wrote:

I get 2,000 spams a day (and rising rapidly), not counting the Microsoft
executables that are deleted before the spam filter sees them.

Wow! I'm only getting about 1% of that.

Is it possible that Comcast is stopping the other 99%? Turning off the
Hotmail filter for a couple of hours is instructive. (despite having had my
HM address in the clear for years, I get maybe 5-10 messages a day leak
through the filter, and no complaints from anyone that I didn't reply to
their mail).

-- David Brooks