Hypothetical question for you, if all the spammers and malware actors
were kicked off OVH and Digital Ocean, would their stock valuation
still be so ridiculously high?
When I was at DO dealing with it they'd let accounts age without usage,
created with a residential IP and matching billing. Then after the
account sat for a year or more, they'd spin up the max amount of cloud
servers their account could use and start blasting spam. Once you
terminated the account they'd move to their next one. All residential
IPs and matching billing, no connection between the accounts (no
matching login IP or anything). So I had to write a script to identify
accounts spinning up servers by their pattern. That would clear things
for a few days. Then they'd change up their patterns and I'd have to
chase them again.
It wasn't at all profitable. They'd run up usage and never pay. No
single account ever lived very long. The entire structure of making it
easy to register and spin up servers without pre-paying makes it easy
for them. But if you avoid all of that just because of that fact, your
competitor will create the same environment and the problem simply hops
networks. At least by drawing lines on how far you'll go to stop them,
it makes them easier to predict for the rest of us.
There's really no perfect choice because you can sacrifice yourself and
your business model on the altar of preventing spam but you'll sacrifice
revenue and the internet won't be better off for it, because some
faceless company in another country will just gladly take what you've
rejected. Honestly, blocking SMTP by default is the lesser evil, and I
submit that the financial gains from clean IP space outweigh the few
people mad about opening a ticket to get it unblocked. But getting
people to agree at a large company isn't very easy.
Anyway, thought you might find that a fun story. Sometimes spam runs
rampant on a network not because no one cares, sometimes it's
legitimately difficult to continually outsmart other humans who are
working to outsmart you at the same time.
On 2021-10-07 16:21, Michael Peddemors via mailop wrote:
On 2021-10-07 1:11 p.m., Simon Arlott via mailop wrote:
On 06/10/2021 02:15, Brandon Long via mailop wrote:
Generally speaking, outside of the obvious differences, most of our
spam
rules are agnostic to IPv4/IPv6.
The frustrating problem with Google's treatment of IPv6 is that the
"must have reverse DNS" requirement means it will return a 5xx
permanent
error for a temporary DNS resolution failure, and reverse DNS
typically
involves multiple nameserver delegations with no glue so it's never
100%
reliable.
Twenty years ago it was frustrating to some people that IPv4 Email
servers needed rDNS. (I get your point on the 5xx though)
It of course should depend on WHY no reverse DNS was found. If there
is no authourative server for that IP it should get a different
response than if the authourative name server is down, or if it
doesn't have an entry for that IP Address.
(I wasn't going to get into this thread but.. )
Of course, network engineers sometimes see things as 'simple' when to
the average lay administrator might not find it so. Yes, they can
learn, but do they want to?
Sometimes we just make things more complicated for people, and those
people see very little benefit, so you have to understand WHY things
aren't adopted..
And, while I said tongue in cheek, turn off IPv6, I meant for some
people if they don't want to deal with the extra 'burden' (no flame
war please) of the realities of IPv6, then hey.. you don't have to use
it.
(And as one poster said, they only use SPF because Google requires it;
the sheer volume of people that have trouble with SPF is staggering,
let alone DKIM, DMARC [and on and on] should make engineers carefully
think before telling people they have to do things the 'correct way')
For instance, there are 109,915,135 IPv4 addresses on just RATS-NOPTR
(thankfully many ISPs actually block port 25 on egress), just imagine
how big that table would be for IPv6?)
Everything from DNS, IP Reputation, firewalls, IS more difficult in
IPv6, maybe not for you, but for some people.. please, give them a
break when they prefer not to wade in that pool.
The internet SHOULD be free and open.. we need more people running
their own networks, and mail servers.. we have to make sure that the
world doesn't turn into network silo's.
(oh, and friends don't let friends use 1.1.1.1/8.8.8.8 for DNS)
As another poster pointed out, that is the danger of putting all the
eggs in one basket.
......
Now, back to something more on topic..
Happy Thanksgiving Weekend to all my Canadian peeps..
Quick recap of the state of affairs out there..
* Thankfully, Snow Shoe spammers are having a hard time finding new
fresh IP Space.. but still active at some of the familiar hosting
companies.. Only about 10 new ranges per day, most of it by the same
group..
* Digital Ocean dedicated phishing droplets keep getting stood up at a
ridiculous pace
* Amazon/Google/Azure IPs keep being used for BEC at an unabated pace
* Gmail Spam still represents most of what content filters are catching
* Brazil is still off the hook for spam bots (Please block port 25 on
egress)
* MagicMail 5.0 hit Beta..
* Shanghai UCloud spammer volumes steadily increasing.
* Love this one on Azure IP space..
20.50.38.18 1 mta0-2.ungapped.email
20.50.38.19 1 mta0-3.ungapped.email
20.76.58.160 1 mta4-0.ungapped.email
20.76.58.161 1 mta4-1.ungapped.email
20.76.58.162 1 mta4-2.ungapped.email
20.76.58.163 1 mta4-3.ungapped.email
(Nice to see the domain is on Google ;) 404
Hypothetical question for you, if all the spammers and malware actors
were kicked off OVH and Digital Ocean, would their stock valuation
still be so ridiculously high?
Talk to you the other side of a big plate of turkey.. Stay safe, you
know how the bad guys love long weekends.
--
"Catch the Magic of Linux..."
------------------------------------------------------------------------
Michael Peddemors, President/CEO LinuxMagic Inc.
Visit us at http://www.linuxmagic.com @linuxmagic
A Wizard IT Company - For More Info http://www.wizard.ca
"LinuxMagic" a Registered TradeMark of Wizard Tower TechnoServices Ltd.
------------------------------------------------------------------------
604-682-0300 Beautiful British Columbia, Canada
This email and any electronic data contained are confidential and
intended
solely for the use of the individual or entity to which they are
addressed.
Please note that any views or opinions presented in this email are
solely
those of the author and are not intended to represent those of the
company.
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
