Another category here is companies that write their own mass mailers. A couple of airlines, for example, have written their own mass mailers that almost certainly do not incorporate re-tries.
I see that, too. I'm on Southwest's lists, and on the morning I got an advertizing mail shot from southwest, a bunch of southwest.com msgs showed up in the greylist report.
There were also a lot southwest.com msgs that didn't get stuck in greylisting.
My guess is that the mailer used for flight confirmation, a "product delivery path (e-ticket/ticketless)", does re-tries like a good MTA, but their non-critical advertizing mailer (to much large mailshot of every southwest client), doesn't.
No, it doesn't work that way.
only in your toothless interpretation, it doesn't. Perhaps ASTA will be as toothless as your hoped-for interpretation. Is ASTA just a sabre rattling club? or will they draw sabres and draw blood? If ASTA members implement no blocks within 60 days, I'd say they are bluffing.
First, ASTA isn't saying "Block 'em all!" -- they are warning ISPs that they are at risk of being blocked if they don't get their acts together.
Come on, your wimpy interpretation blunts the whole thrust of the ASTA stance, which is very simple: "If you run an unsecured, unpoliced network, you are at risk of being TOTALLY blocked."
Self-regulation against SMTP abuse of the Internet networks is not working, therefore ASTA, (4 direct competitors), _had_ to come together to take a vigilante stance of "if you don't police your own networks, the victims of your abuse (ASTA and all of us) will enforce their own anti-abuse policies/laws against your networks."
Blocking them overnight is pointless -- the point of the ASTA proposal of 5 days ago was to get ISPs to fix the problem, not to race out and block them all.
whose "straw man" says race out and block them all overnight?
Do you think the spewing network operators are quaking in their boots, and have now raised "stop our network" spew to a priority because of ASTA?
Large corporations can't change their behavior overnight; it takes months to do something like this.
As anybody who runs an MX daily can attest, the major network domains of my report have been running their networks wide open, compromised, and unpoliced for many months or years before ASTA's PR of last week. I consider all them in my report to be AT RISK, and RIGHT NOW.
Quit pretending that ASTA's announcement last week defines the beginning of the "at risk" period.
Second, ASTA isn't saying "Block anyone you want!".
huh? ASTA is saying that ANY network that doesn't stop spewing is blockable by ANY MX.
They are saying "If the ISP does not *reasonably* control abusive traffic, it is *at risk* of being blocked by other ISPs."
Always looking for ways to weasel out, aren't you?
How can any MX admin interpret the huge volumes of long-standing, current, and increasing crap spewing from these ever-enlarging networks as an indication that the networks operators are "reasonably" policing their networks?? He simply cannot.
I repeat my estimation that 5 days of greylisting at one MX blocked about 2.5 to 5 million msgs from the networks of the report. Are those numbers flying under your "reasonableness" radar?
And, how can any MX admin admit that these network operators, often multi-B$ companies, are completely ignorant of, and powerless to control, the spew they are sourcing? How would our reporting of pervasive 24x7xYears abuse from their entire NETWORKS be of "news" to them??
Just how hard and time-consuming is it (and this is only one approach) to announce in advance to their clients port 25 blocking and then add to their egress routers:
pass from <mynetworks> any port to any IP port 587
(... for authenticated-only "mail submission")
block from <mynetworks> to any IP port 25
???
That means that before blocking, a good ISP will make sure that the company involved does not have reasonable abuse control in place
My report, just a random snapshot at one random MX, "makes sure" these networks DO NOT HAVE _EFFECTIVE_ SPEW CONTROL IN PLACE. If anyone "reasonable" ever needed a smoking gun....
and won't acting without reason (being a "Good Neighbor", as they say).
Greylist rejecting is 2.5 to 5 millions msgs from these networks in 5 days is "reason" enough for me.
Why should we, long-suffering, daily $$victims of these mega-corps, be Good Neighbor to them when they aren't Good Neighbors to us? They have great power, but they are not acting with great responsibility.
How many terabytes of our collective bandwidth are we losing PER HOUR to their Good Neighborly collective spew?
14799 comcast.net 5269 rr.com
So the first two in your list are not surprisingly large ISPs.
What's your point? Comcast and rr are among the largest subscriber access network operators. And just what is a "surprisingly large ISP"?
btw, which, if any, domains NOT on the list surprised you by their praise-worthy absence?
4580 com.hk
But the third encompasses all the commercial entities in an entire country!
To keep the list to 5000 domains, I reported on only domain.tld, not label.domain.tld. The responsible corporate entity I was identifying is domain.tld.
You've got to be kidding me.
I'm being very serious. You're playing the contrarian, idiotic joker.
You're suggesting that people block all of Hong Kong?
no, that's your own straw man in your spurious BS spew, you deal with it.
Ouch. There ain't nobody who read that from ASTA!
more BS straw man.
You're the only one I've seen who is reading ASTA as wimping out with "let's warn these longstanding, egregious violators just now, and then wait for many months to see if anything changes, before we block".
ASTA is taking a desperation stance NOW because the networks typified in my report are clearly not securing and policing their networks. Quit pretending that we are in "day number one A.A. ( After ASTA)" of horrendous network spew.
Let's block Brazil, too! Japan, Mexico, Israel, Argentina, Australia and the United Kingdom must be Evil, too.
"Your MX, your policies"
btw, you know darn well that there are many MX operators who use the per-country blackhole lists to block entire countries and "foreign" ClassA, ClassB networks, so quit pretending it's such a horrible, unjustifiable practice, when it fact it is quite common AND successful practice.
Furthermore, go back a couple of years for a directly relevant story. The spew from Class A 211. and .kr TLD was horrendous. MX and router operators, without coordination or leadership a la ASTA, blocked 211. and .kr TOTALLY. Eventually, we hear that the .kr business community is screaming bloody murder that the .kr blocks are $$hurting their $$businesses, and, as sure day follows night, un-coordinated blocking caused the .kr spew problem to be reduced in very short order.
Moral of the story: no $$pain(for the spewers), no gain (for the victims).
That type of vigilante behavior is exactly what ASTA is talking about. ASTA is a effectively vigilante force (because there are no laws, no funding, no police force). We'll see if they have [EMAIL PROTECTED] to string up the violating networks from the highest tree.
And every MX operator on this list knows that with no blocking of the offending networks, there has been and will continue to be no reduction in the spew.
Using the 211 and .kr example as a guideline, the sooner the blocking is done, the faster we will get way-past-due results.
985 aol.com 404 hotmail.com
Oh, yes -- AOL, as one of the sponsors of ASTA, surely has huge spam problems.
Yes, and if the 4 ASTA members (or any big MX operator on this list) each compiled its own list of PTR domains like my report of yesterday, exactly the same domains would be on it.
Granted, AOL (and Hotmail) do have a bit of spam coming from their networks, but a *much* smaller percentage than just about any ISP.
In the all MXs I admin, big and small, nothing but crap comes from the PTR subdomain hex_address.ipt.aol.com, and yes, it's miniscule, in the 10's or less per day. Congtrulations, AOL.
However, just a few weeks ago, AOL outbound was nearly shutting down one my customer's MX with a joe-job, 100K msgs/day to [EMAIL PROTECTED] I mentioned it to Carl Hutzler of AOL on the SPAM-L list and he admitted is was a weakness of AOL's accept-then-bounce setup (which Sandy identified yesterday as an IMail vulnerability when mail storage is exhausted), and explained several aspects of AOL's current moves to prevent AOL from propagating joe-jobs. In the near future, AOL's MXs will supposedly, finally conform to the best practice of rejecting mail to [EMAIL PROTECTED], rather than accept-then-bounce.
Carl, afaics, is the only representative of a major network operator that I see posting, responding, accessible on the SPAM-L list. Maybe the "Carl Hutzlers" of rr, verizon, attbi, comcast, etc are active on other lists, but I'm pessimistic.
161 remax.net
And the realtors of the world.
161 IPS over 5 days is hardly a problem, is it?, Mr Straw Man, compared many 1000's of IPs from the majors? Nor is do remax IPs represent all the realtors of the world. And I bet those were from compromised remax office machines rather than remax's MXs.
Len, what you have done here is just like what you did with the vanity reverse DNS issue
Thank you, thank you, thank you. I have made another contribution to documenting numerically what is plain as day, and every day, to every MX operator on this list. (Although that info is harder to come by for IMail-only admins, since Imail doesn't log the PTR, only the connecting IP.)
And, ASTA is addressing EXACTLY the same problem as my PTR blocking approach, so, yes, you're freaking brilliant to see the similarities.
My tactic of blocking networks by PTR subdomain is EXACTLY in line with ASTA's stance. PTR subdomain filtering of "subscriber networks" is an approach that facilitates ASTA-style blocking.
When the IMGate list members helped compile and fine-tune the PTR list of 450+ network filters, we identified and carefully avoided, aka "reasonably", including the MX/MTAs of those same networks. So legit senders on subscriber networks who were blocked by PTR could always relay their outbound through their network providers' MTAs (eg, in your case, through ComputerizedHorizons MTAs).
-- you make an authoritative statement ("ASTA... here's the list of networks to block:") with a list of networks to block -- that you HAVE NOT EVEN LOOKED AT!
How do you know what I have or have not looked at? You don't, so shut up.
The list that I compiled from our 5 days of greylisting is EXACTLY the same list of violators that every (largish) MX admin here, and certainly ASTA members, will confirm as being the WORST violators, and therefore "at risk" of being totally blocked ASTA-style.
ie, using greylisting is an excellent technique for "LOOKING AT" the violators.
Here's a challenge, and surprise me by not wimping out: from your rejects for Mon-Fri of last week, publish a report like mine, the qty of IPs rejected with PTR hostname domain.tld from my list.
Nobody on this list, or at ASTA, or any MX admin should be surprised by the top 10 or 20, or 200, domains on my list. And your list, if you don't wimp out, will be essentially be the same list as mine.
Sorry, Len, but you just can't go compiling lists of people to block without checking them.
You aren't sorry. and please define "checking them".
I've been in the anti-spam business since 1997, and there are lots of people like you out there, but fortunately most quickly and quietly disappear when people realize that blocking without thought is a bad thing.
Just exactly who is "without thought"? Who is saying anybody should do anything "without thought". Only your self-serving, FUD-riddled straw man.
Sorry to be harsh
no, you aren't.
but you're telling people that they should block AOL and all of Australia
I'm telling no one to do anything. I posted a list, period. (The contents of that list of domain.tld is useless as a technical basis for filtering.)
-- and I'll bet you had no clue that you were doing so!
You fake the stupid bet, you create the straw man issues, you deal with them.
btw, your IP provider Verizon is in position 9 on the list of spewers.
mail.declude.com. A 68.162.218.198
;; ANSWER SECTION:
198.218.162.68.in-addr.arpa. 83260 PTR dpvc-68-162-218-198.bos.east.verizon.net.
So your pejorative phrase "vanity PTR", as it was when you were on a charter IP, betrays your personal agenda of hoping to hell that ASTA doesn't go after major spewer Verizon (or, earlier, charter). And it betrays your self-interested stance against ASTA-style blocking.
My bet to you: Verizon will (continue to) do nothing effective to stop their spew unless ASTA-style blocks of Verizon are put in place. If I run that 5-day report in 12 weeks, Verizon will still be at a high position, unless ASTA members block Verizon.
If ASTA members, and others, did block Verizon, you, as a Verizon network $$client, would go yelling like hell to Verizon to get your network unblocked, which is exactly what the ASTA blocking policy is meant to achieve: Verizon, stop the spew.
If ASTA blocked rr, in 3rd position, which I am on, I would go yelling like hell to complain to rr (an AOL sister company).
Len
_____________________________________________________________________ http://IMGate.MEIway.com : free anti-spam gateway, runs on 1000's of sites
To Unsubscribe: http://www.ipswitch.com/support/mailing-lists.html List Archive: http://www.mail-archive.com/imail_forum%40list.ipswitch.com/ Knowledge Base/FAQ: http://www.ipswitch.com/support/IMail/
