Well, we are back talking about OVH ;-( On 27 June 2017 at 10:01, Philip Paeps <phi...@trouble.is> wrote: > On 2017-06-26 18:51:12 (-0500), Michael Rathbun <m...@honet.com> wrote: >> [...] >> OVH recently instituted policies that would have drastically reduced the >> outgoing flood of bad email; > > Do you have a source for this information?
At the end of 2015 they set up port-25 sniffing on all customers. They "sniff" outgoing traffic from all of their IPs and submit emails through an antispam filter named Vade Retro (now VadeSecure). Vade retro will count spam emails from any IP and outgoing port 25 will be blocked by their outgoing firewall at given levels. Of course this solution, like most outgoing filters, have major issues related to not having evidence of recipients reactions to the email (so they can try to guess but they will never know if the recipient subscribed to that content or not, while incoming solution can collect reputation data based on their inbox behaviours). Some of my IPs have been blocked at least 5-6 times by their Vade Retro filter in the first year and all of the times they were false positive (one of my customer have a med-to-med "old style" mailing list about pharma and Vade Retro is too much "word based", another issue was with an url-shortner domain being used in another email) so I think they now whitelisted me (or they improved the filter) as I didn't have new blocks in the last year from them while in the forum I still see blocked customers complaints. Official source: http://docs.ovh.ca/en/troubleshooting-antispam-best-practice.html I've also been contacted a couple of times at the end of 2015 and beginning of 2016 by their abuse desk because of complaint email forwarded to them (so they handle abuse, I guess), but that's all. > In accordance with our contractual terms, we reserve the right to take all > the measures > necessary to deal with this incident, including the suspension of your > service. > Please reply directly to this email with the details of your investigations > and confirm to us the > actions you took to fix this issue. > Kind regards, > The OVH Abuse Team Previously (I've been there 7 years) they never blocked anything and they never contacted me by their abuse desk, so I guess they did some "homework" in the last 2 years to improve their reputation: I didn't see UCE-protect level2/level3 on OVH while I've seen UCE-protect block a lot of german hosting providers I evaluated in past. I had to move away from Contabo.de because of UCE-protect level3 blocks (they didn't care about UCE-protect level3 and they say UCE-protect was just looking to get some money for the delisting). On 27 June 2017 at 10:01, Philip Paeps <phi...@trouble.is> wrote: > Unfortunately, rejecting all mail from OVH would result in rather more than > one or two false positives. They (inexplicably?) have quite a lot of > legitimate customers too. :/ AFAIK OVH is the biggest hosting provider in europe, with one of the best offer in term of price/value ratio (good hardware, good network, good api, low price). According to the reputation providers above OVH is also one of the biggest legitimate email sender (between hosting providers) worldwide. I'm in italy and many of us adopt French or German hosting providers because they are "near" but with much better connections to europe/world than most italian providers (recently this is changing). Unfortunately, on the receiving side, it is hard to raise big /16 rejects because it is hard to know what is the real false-positive impact (expecially with solicited but BULK emails). Incoming antispam for small entities is getting harder and harder. I'm almost abandoning it in favor of bigger players because of this. Back to reputation providers, SpamHaus publishes the "top 10" but OVH is not there (and AFAIK never been there, recently): https://www.spamhaus.org/statistics/networks/ https://www.spamhaus.org/statistics/botnet-asn/ Stefano -- Stefano Bagnara Apache James/jDKIM/jSPF VOXmail/Mosaico.io/VoidLabs _______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop