It means they have 208 IPs that sent at least *one* spam in the past 7 days from a range that includes 131070 hosts! The way they are calculating it, it means it could be that they only got 208 spam emails in the last 7 days, and that was enough to block the whole A class. I'm sorry, but this is not reasonable - It doesn't even leave room for the ISP to cooperate and deal with the spammer.
I need to understand - are you in favor of blocking port 25? How many people in this list thinks it's a good idea? -----Original Message----- From: Noam Rathaus [mailto:[EMAIL PROTECTED] Sent: Thursday, July 24, 2008 4:36 PM To: Imri Zvik Cc: shimi; linux-il Subject: Re: Israeli ISP and Blacklisting Just my two cents, I checked a few IP addresses that are listed under the AS of zahav.net.il, as well as the mail server of zahav.net.il And it is very close to getting RBL blocked: 84.94.0.0/15 - ATTENTION Increased Listingrisk - Level 1 listed spammers within the last 7 days 208 - Escalation to Level 2 by Level 1 records 445 But ignore it, as this RBL (http://www.uceprotect.net/en/rblcheck.php) is nothing to worry about, as you mentioned - rarely used or trusted. On Thursday 24 July 2008 16:30:50 Imri Zvik wrote: > Shimi, > > > > I cannot speak on behalf of other ISPs, but if you have problems with the > one I'm working at, please share the information with me, and I promise you > I will get to the bottom of this. > > > > Bottom line, I can assure you that *WE* are doing *a lot* to deal with spam > from our mail system/network. Again, as evidence we have good scores at big > and widely used RBLs. > > I also know, from second hand, that the other ISPs are also putting a lot > of efforts in order to deal with this issue. > > This all discussion started from *one* RBL which is notorious for its harsh > treatment. No one provided any specific problem, and everybody jumped into > the conclusion that if this RBL is blocking you, it means you are not doing > anything to deal with spam. This conclusion is just wrong. > > > > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of shimi > Sent: Thursday, July 24, 2008 4:16 PM > To: Imri Zvik > Cc: Noam Rathaus; linux-il > Subject: Re: Israeli ISP and Blacklisting > > > > Imri, > > On Thu, Jul 24, 2008 at 3:57 PM, Imri Zvik <[EMAIL PROTECTED]> wrote: > > How do you know abuse@ doesn't "really take care of users"? It seems like > your whole response is generalizing and vague. > > > I know because if after two weeks from their reply that they will "handle > it" I see the same user doing the same thing again from the same ISP, > then... > > What does an AUP worth if it is not enforced? > > The whole Israeli spam market is dominated by a VERY little amount of > people, and there is a reason that they're still spamming. Given that there > are like 3 ISPs in the country nowdays, they're not doing so because they > jump from an ISP to ISP after each one is denying them service, rather then > because they're paying customers, and denying them service means less > income. > > > > I don't see how the old QoS argument as anything to do with dealing with > abuse. I must remind you that downloading copyrighted materiel is > officially abuse too. > > > It does for a very simple reason; ISPs care only about cashflow. Removing > bad users from the possibility to get service leads for less profits. > Paying more for bandwidth leads for less profits. > > Re. your comment about copyrighted material, I have three things to say: > > 1. I don't really understand how is that abuse; You're not attacking any > system, and you're distrubing no-one (besides RIAA, BSA and others - but > that's not abuse). 2. The ISPs want to play the police and court? Fine, I > guess it's their right (and being a FOSS user, I couldn't care less...) - > if the law permits them to observe traffic and sabotage it - I have no > problem with that (what about BitTorrent to download the latest Linux > release?) 3. They DENY the fact that they're doing it! They claim that > "there are no means to do that!". If you don't believe me, read official > commentary from various spokesmen in Ynet articles regarding slow P2P in > various ISPs. > > Finally, I was not even talking about P2P - that was YOUR assumption. > They're [at least some of them] QoSing NON-HTTP traffic. Like CVS checkout > from an Open Source project, or my connection to an IRC network (how else > can you explain a 180ms ICMP but a 1 second IRC "ping" command roundtrip?). > How is that an abuse or illegal? > > But that's really OT, so let's stop here. I was just giving another example > for "we deserve this for not standing for our customer rights". > > -- Shimi -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007
