An overall admirable response, keep up the good work. Just 2 questions: 1) Why not put TLDR at top? 2) Why allow email to be sent at all from "unmanaged servers"?
-Tim On Mon, Jul 17, 2017 at 7:44 AM, Hetzner Blacklist <blackl...@hetzner.de> wrote: > I just got back from a 2 week holiday and have been reading this thread > with a lot of interest. I thought I would respond and try to explain the > situation from our perspective. I could write an entire essay on this, > but I have tried to be as concise as possible, though it is still a wall > of text. > > Am 11.07.2017 um 13:00 schrieb Felix Schwarz: > > If I'm not mistaken also Hetzner's mail admins are reading this list > so maybe > > they can convice their management to do something about the bad > reputation. > > Management was convinced over a year ago. Our internal abuse processing > and handling was reviewed, and made stricter. I will admit that we used > to be too lenient in that regard, but that is no longer the case (at > least not intentionally). > > The results have been very encouraging. The leading blacklist and > reputation providers that have easy network/ASN lookups show a decrease > of at least 60% in “bad” IPs within our network within the last year. > This applies to Spamhaus, SpamCop, SORBS, UCEPROTECT, Senderbase (now > Talos Intelligence) and the Microsoft SNDS. The amount of abuse > complaints we get has also decreased substantially. All of this, even > though we are continually growing. > > I’ve been in contact with a number of people this past year and many of > them have acknowledged that our network no longer deserves a bad > reputation. However, I can fully understand that not everybody will > agree, and I believe there are 3 main reasons for that. > > 1) Historical. I wil be the first to admit that in the past we were too > lenient with spam-handling, and there was more spam leaving our network > than there should have been. This can mean that if somebody gets spam > from our network today, they think "great, Hetzner hosting another > spammer", even though the message was due to a compromised account (see > point 2), and the overall amount of spam is much lower than it was > historically. > > 2) Constant spam. Due to the nature of our business (IAAS provider), the > fact is that there will always be a certain level of spam leaving our > network. Brandon actually mentioned exactly this. > > Am 10.07.2017 um 21:37 schrieb Brandon Long: > > They may not even be renting directly to spammers, but their users are > > getting compromised and sending spam and other crap from their > servers. We > > see clickbot and other fraud farming from those IP ranges as well. > > > > It is an unfortunate situation, and challenging, no doubt. > > We have over a million IP addresses, and the vast majority of those are > allocated to unmanaged servers. Short of blocking all email > communication from our network, there are always going to be customers > sending emails, and thus there will always be some who send spam. Our > job is to minimize that as much as possible. Anybody who has worked an > abuse desk will know how hard that is, especially at an IAAS provider > like ourselves. > > We don’t intentionally harbor any spammers, and any that manage to get > through our checks (we block dozens of new orders a day) and start > sending spam, are soon terminated. We have a few email marketers, but > the vast majority of the spam leaving our network is from compromised > accounts, for which we can do very little. > > 3) Perspective. As with so many things in life, what you think of > something depends greatly on your point of view, and the assumptions and > expections you (sometimes subconsciously) bring along. If somebody > assumes that there should be zero spam leaving our network, they will > always be disappointed. > > I believe a perfect example of these different perspectives is found > within this thread. > > Am 11.07.2017 um 09:11 schrieb John Levine: > > Hetzner gushes spam, and I've had most of their > > IP ranges totally blocked for years. > > Am 13.07.2017 um 20:15 schrieb John Levine: > > Look for yourself: > > > > http://www.taugh.com/sp.php?c=&i=78.47.0.0&j=78.47.255.255&k=puavppaxru > > First of all, thank you for that link John, I appreciate you sharing > that information. It’s always good to have additional information about > our network, and I will be checking that link regularly. > > I have no idea what assumptions John has, but the comment about > “gushing” spam made me believe that the evidence would show a list of > hundreds, if not thousands of IPs, sending spam every few days over the > course of many months/years. > > What I see instead is almost exactly the opposite. This year (2017), > there have been a total of 89 spam messages, from a mere 44 IPs (which > currently belong to 44 separate customers of ours). These 44 IPs > represent 0.00067% of the IPs in the /16 range (65,536 IPs total). None > of the IPs sent spam regularly, and all of them stopped within a few > days. 99.99933% of IPs did not send spam. > > To me, this is a clear sign that we are doing a good job. Yes, there is > a “trickle” of spam, and I would dearly love to completely cut that out, > but as mentioned above, that is unrealistic. We are trying to minimize > the amount of spam, and I believe this shows we are doing exactly that. > > Now, I’m biased, and I’m obviously going to defend the company I work > for, but I truly believe we are on the right path. There is still a lot > that can be done, and is in the process of being done, but the results > from the past year show that we are serious about this. This is a > never-ending process and we are far from perfect, but we are working on > it. Anybody can check our network (and compare it to those of our > competitors) and come to their own conclusions. > > If anybody has complaints or information about our network we have a > functioning abuse department with real humans. If something isn’t being > handled satisfactorily, you can request it to be escalated, or you can > contact me directly. > > TL;DR We care about spam and believe that the evidence shows that. > > Kind regards > Bastiaan van den Berg > -------------- > Hetzner Online > > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop >
_______________________________________________ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
