Am 31.12.20 um 22:07 schrieb Hal Murray via mailop: > Scott Mutter said: >> If spam is sent from one of our servers - the IP address of one of our >> servers - it's me you ultimately want to contact, not the owner of the IP >> address. If you contact the owner of the IP address - they don't have root >> access to the server - they will have to filter that report down to me, for >> me to take action. And whether or not if that happens or if that happens in a >> timely manner is anybody's guess. > That's correct if you are white-hat. If you are black-hat, I want to contact > the owner in hopes that you will become an ex-customer. > > This pretty much nails it - if you're the bad guy I don't want to talk to you, if not, I want to talk to a competent entity.
Simplified, these are the possible cases: * Blackhat provider (owner), any customer: reject, possibly with an SMTP error message indicating that you will have to move to a different provider if you want to reach us. * Greyhat provider, whitehat customer: I might whitelist you. * Greyhat provider, blackhat customer: I will blacklist you or the IP range, depending on the perceived unwillingness of the provider to handle spam problems at all. * Greyhat provider, compromised customer: I will send a spamcop report and block the IP range. If the info gets to you, and you fix the problem, and you or the provider gets back with that info to me, then I will unblock. Fat chance, sorry. * Whitehat provider, whitehat customer: no problem except a possible data entry error which I'll fix as soon as I get notified. * Whitehat provider, blackhat customer: Of course I contact the provider hoping to get you booted. If that does not happen, provider has apparently turned greyhat. * Whitehat provider, compromised customer: That's the only case where it would make any sense to talk to the customer. However, if your services are compromised, you're probably not very competent or you have an organizational problem, and getting this resolved might take some time and energy. You're not my customer, why should I spend my time and energy helping you fix that problem? I'll notify the owner of the IP so they work with you (their paying customer) to fix your problem. Given the additional hurdles of identifying the responsible entity beyond the IP space owner (domain whois? mostly unusable), why should I jump through the hoops of identifying the customer whose service was used to send spam? The owner of the IP space is much better equipped to do that. In very isolated situations, I may decide to do something different. But in general, the IP space owner is the right person for me to talk to. Cheers, Hans-Martin
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop