-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Raymond L. Corbin wrote: > Yeah, but without them saying which IP's are causing the problems you can't > really tell which servers in a datacenter are forwarding their spam/abusing > Yahoo. Once the /24 block is in place then they claim to have no way of > knowing who actually caused the block on the /24. The feedback loop would > help depending on your network size. When you have a few hundred thousand > clients, and those clients have clients, and they even have client, it simply > floods your abuse desk with complaints from Yahoo when it is obviously > forwarded spam. So it's more of pick your poison deal with customer > complaints about not being able to send to yahoo for a few days or get your > abuse desk flooded with complaints which hinders solving actual issues like > compromised accounts.
I look at all my mail server log files and see which logs show obvious spam being forwarded (a lot of times the MAIL FROM address is a dead giveaway) or I tail -F the mail log for a bit and watch the spam coming in and forwarding back out. When I see the forwarding domain that's who I have contacted to upsell some spam filtering. But, we're a small ISP, so I don't have thousands, let alone hundreds of thousands of clients, to deal with... Chris -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.7 (GNU/Linux) Comment: Using GnuPG with Mandriva - http://enigmail.mozdev.org iD8DBQFH/nORnSVip47FEdMRCi+HAJ9CJoJ/VAkEssv6TznwcYQVGVWkIACfRwhI VYw0v4HWI8mWs2SHEF3jnq0= =YMQR -----END PGP SIGNATURE-----
