Re: OT: *****SPAM***** Re: unstable is "unstable"; stable is "outdated"]
On Mon, 4 Feb 2002 12:41, Jason Lim wrote: > > ORDB (ordb.ORG) lists open relays, SPEWS lists spammers. Using ORDB is > > very effective for blocking spammers who abuse open relays, but SPEWS > > can stop the direct spammers and their hosts. > > How are the spammers going to get their emails out? Most, if not all must > use open relays to send them out. Nowadays I think nearly all ISPs block They also use the mail servers of their ISPs and the PCs that they connect to the Internet as regular ISP customers. ISPs in Asia are notorious for allowing spammers to use their services. I have been seriously considering blocking my servers from receiving any mail from China and Taiwan as I seem to only receive spam from those countries. > direct sending of email from their IPs (that is, they cannot send "direct > to MX" email anymore, they must use either their ISP's email servers, or > an open relay somewhere). I think this is a good move by ISPs as it is > effective and is technically easy to do (simple port blocking) so even the > smallest of ISPs can implement this. > > Following that logic, it makes sense that if you block the method spammers > use to send out emails, then no spam will be sent out. Yes. Unfortunately most asian ISPs appear to like hosting spammers. > Exactly.. when they block an innocent network to pressure a major > corporation > thay have crossed the line from being a good blacklist to being a tool for > extortion and libel. I read the summaries of email blocked by the blacklists from the ISPs I run. The vast majority of email blocked by the spews list is obviously spam (the From: addresses are obviously bogus or spam addresses), so for me it is provably working well! -- http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/projects.html Projects I am working on http://www.coker.com.au/~russell/ My home page
Re: OT: *****SPAM***** Re: unstable is "unstable"; stable is "outdated"]
On Mon, 4 Feb 2002 12:41, Jason Lim wrote: > > ORDB (ordb.ORG) lists open relays, SPEWS lists spammers. Using ORDB is > > very effective for blocking spammers who abuse open relays, but SPEWS > > can stop the direct spammers and their hosts. > > How are the spammers going to get their emails out? Most, if not all must > use open relays to send them out. Nowadays I think nearly all ISPs block They also use the mail servers of their ISPs and the PCs that they connect to the Internet as regular ISP customers. ISPs in Asia are notorious for allowing spammers to use their services. I have been seriously considering blocking my servers from receiving any mail from China and Taiwan as I seem to only receive spam from those countries. > direct sending of email from their IPs (that is, they cannot send "direct > to MX" email anymore, they must use either their ISP's email servers, or > an open relay somewhere). I think this is a good move by ISPs as it is > effective and is technically easy to do (simple port blocking) so even the > smallest of ISPs can implement this. > > Following that logic, it makes sense that if you block the method spammers > use to send out emails, then no spam will be sent out. Yes. Unfortunately most asian ISPs appear to like hosting spammers. > Exactly.. when they block an innocent network to pressure a major > corporation > thay have crossed the line from being a good blacklist to being a tool for > extortion and libel. I read the summaries of email blocked by the blacklists from the ISPs I run. The vast majority of email blocked by the spews list is obviously spam (the From: addresses are obviously bogus or spam addresses), so for me it is provably working well! -- http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark http://www.coker.com.au/postal/ Postal SMTP/POP benchmark http://www.coker.com.au/projects.html Projects I am working on http://www.coker.com.au/~russell/ My home page -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
OT: *****SPAM***** Re: unstable is "unstable"; stable is "outdated"]
> > That is why we suggest that businesses use ORDB (http://www.ordb.com) as > > it blocks most spam, but ONLY blocks spam and very rarely legitimate > > emails (we use this list for our personal emails too). > > ORDB (ordb.ORG) lists open relays, SPEWS lists spammers. Using ORDB is > very effective for blocking spammers who abuse open relays, but SPEWS > can stop the direct spammers and their hosts. How are the spammers going to get their emails out? Most, if not all must use open relays to send them out. Nowadays I think nearly all ISPs block direct sending of email from their IPs (that is, they cannot send "direct to MX" email anymore, they must use either their ISP's email servers, or an open relay somewhere). I think this is a good move by ISPs as it is effective and is technically easy to do (simple port blocking) so even the smallest of ISPs can implement this. Following that logic, it makes sense that if you block the method spammers use to send out emails, then no spam will be sent out. > Unless one's customers are clueful enough to be able to report spam > I would recommend using relays.ordb.org and relays.osirusoft.com (or > bl.spamcop.net when it is ready). I have found that my users are > more understanding of the possibility of a legitimate e-mail being > bounced when it comes from a bad source, than their e-mail address > on a web site resulting in all sorts of dubious offers. > Not in my experience. They block networks owned by spammers and they block > networks which host spammers. I have yet to see SPEWS block a responsible > user on a clean network. It is all too easy for spammers to spew from one > location while hosting at another, and SPEWS recognises that. Well, Perhaps this converstaion with a person who got "caught", just like others in Spews, will enlighten you: - > I *do* believe some of Sprint's customers (not you) may be spamming. I am > not in the USA and not sure of the whole picture over there, but I do > believe if a Sprint customer is spamming, you should block whatever the > spammer is using, rather than block the whole ISP, and not care what > happens. In SPEWS: -- -- Sprint just keeps assigning him new network blocks, safer to list entire Sprint ranges, eg: 65.172.0.0 - 65.173.255.255 -- - Exactly.. when they block an innocent network to pressure a major corporation thay have crossed the line from being a good blacklist to being a tool for extortion and libel. What makes it worse is then they hide and don't take responsability. Even Orbs had a contact email address. What Spews has done is gone from a good guy to a bad guy in my book. No blacklist is a good one if if it blocks the innocent and refuses to remove them even though no spam is coming from them. Open relays.. yes. KNOWN spammer ip's and netblocks.. yes. A whole class B of a major provider "just to be safe".. NO. Spews is just going to hurt "THE CAUSE" just like ORBS did. Spews goal should be the blockage of spam. If its main goal is to pressure companies it does not like it will get into trouble, again..just like ORBS did. > > > I have a friend who also does this. We both dropped spews because of too > > much legit mail being blocked. This was before all this happened.. > several > > weeks ago we tried them for awhile. > > > > I bet that most nets don't use them just like we decided not too. > > Yes, and with additional information and facts sent to the remaining nets > that do, they will probably drop Spews too. I'll check the logs and see if > any other prominent sites also use Spews, and I'll notify them too (not > that i'd have much say compared to outblaze, but it's worth a shot, and if > a few more ISPs send these companies information like this, they would not > want to bother with Spews anymore). > > What do you think? > Thats a good plan and the one I am going to use. I will forward you a copy of my letter when I can. Now that Ive thought about this more I think Spews will dig its own grave. The reason we are on their list is unjust and will cause others to drop them as the "word" gets out. > > automated testing to block mail servers, rather than rely on the decision > > of one or two unaccountable people with their own ideas. > > SPEWS is accountable to every person who uses SPEWS. If we don't like > their decisions we don't use their list. At the moment it seems the > number of people who use SPEWS is growing, because it is proving very > effective at blocking spammers and encouraging networks to be more > responsible. > Well, the sad fact is that most people do not take the time to fully understand what is going on. Spews *sounds* like a good idea, until you actually check the content of the database. Anyway, if one chooses to continue to use Spews and/or other blo
OT: *****SPAM***** Re: unstable is "unstable"; stable is "outdated"]
> > That is why we suggest that businesses use ORDB (http://www.ordb.com) as > > it blocks most spam, but ONLY blocks spam and very rarely legitimate > > emails (we use this list for our personal emails too). > > ORDB (ordb.ORG) lists open relays, SPEWS lists spammers. Using ORDB is > very effective for blocking spammers who abuse open relays, but SPEWS > can stop the direct spammers and their hosts. How are the spammers going to get their emails out? Most, if not all must use open relays to send them out. Nowadays I think nearly all ISPs block direct sending of email from their IPs (that is, they cannot send "direct to MX" email anymore, they must use either their ISP's email servers, or an open relay somewhere). I think this is a good move by ISPs as it is effective and is technically easy to do (simple port blocking) so even the smallest of ISPs can implement this. Following that logic, it makes sense that if you block the method spammers use to send out emails, then no spam will be sent out. > Unless one's customers are clueful enough to be able to report spam > I would recommend using relays.ordb.org and relays.osirusoft.com (or > bl.spamcop.net when it is ready). I have found that my users are > more understanding of the possibility of a legitimate e-mail being > bounced when it comes from a bad source, than their e-mail address > on a web site resulting in all sorts of dubious offers. > Not in my experience. They block networks owned by spammers and they block > networks which host spammers. I have yet to see SPEWS block a responsible > user on a clean network. It is all too easy for spammers to spew from one > location while hosting at another, and SPEWS recognises that. Well, Perhaps this converstaion with a person who got "caught", just like others in Spews, will enlighten you: - > I *do* believe some of Sprint's customers (not you) may be spamming. I am > not in the USA and not sure of the whole picture over there, but I do > believe if a Sprint customer is spamming, you should block whatever the > spammer is using, rather than block the whole ISP, and not care what > happens. In SPEWS: -- -- Sprint just keeps assigning him new network blocks, safer to list entire Sprint ranges, eg: 65.172.0.0 - 65.173.255.255 -- - Exactly.. when they block an innocent network to pressure a major corporation thay have crossed the line from being a good blacklist to being a tool for extortion and libel. What makes it worse is then they hide and don't take responsability. Even Orbs had a contact email address. What Spews has done is gone from a good guy to a bad guy in my book. No blacklist is a good one if if it blocks the innocent and refuses to remove them even though no spam is coming from them. Open relays.. yes. KNOWN spammer ip's and netblocks.. yes. A whole class B of a major provider "just to be safe".. NO. Spews is just going to hurt "THE CAUSE" just like ORBS did. Spews goal should be the blockage of spam. If its main goal is to pressure companies it does not like it will get into trouble, again..just like ORBS did. > > > I have a friend who also does this. We both dropped spews because of too > > much legit mail being blocked. This was before all this happened.. > several > > weeks ago we tried them for awhile. > > > > I bet that most nets don't use them just like we decided not too. > > Yes, and with additional information and facts sent to the remaining nets > that do, they will probably drop Spews too. I'll check the logs and see if > any other prominent sites also use Spews, and I'll notify them too (not > that i'd have much say compared to outblaze, but it's worth a shot, and if > a few more ISPs send these companies information like this, they would not > want to bother with Spews anymore). > > What do you think? > Thats a good plan and the one I am going to use. I will forward you a copy of my letter when I can. Now that Ive thought about this more I think Spews will dig its own grave. The reason we are on their list is unjust and will cause others to drop them as the "word" gets out. > > automated testing to block mail servers, rather than rely on the decision > > of one or two unaccountable people with their own ideas. > > SPEWS is accountable to every person who uses SPEWS. If we don't like > their decisions we don't use their list. At the moment it seems the > number of people who use SPEWS is growing, because it is proving very > effective at blocking spammers and encouraging networks to be more > responsible. > Well, the sad fact is that most people do not take the time to fully understand what is going on. Spews *sounds* like a good idea, until you actually check the content of the database. Anyway, if one chooses to continue to use Spews and/or other bl
Re: *****SPAM***** Re: unstable is "unstable"; stable is "outdated"]
On 02 Feb 2002, Jason Lim (of Zentek?) wrote: > Unfortunately, Spews and OSIRUS (they use Spews' list, so essentially the > same applies) have listed many ISPs in Hong Kong and around Asia Because they run open relays or insecure proxies, host spamware or spamvertised web sites, and ignore abuse reports. Just like rogue ISPs in Europe and the Americas are listed. I am not surprised if Zentek is blocked. In Q1 2001 I received many UCEs advertising sites hosted at zentek.net, and last week I even started getting spam to message-ids of abuse reports I had sent to zentek.net! http://spews.org/html/S475.html > That is why we suggest that businesses use ORDB (http://www.ordb.com) as > it blocks most spam, but ONLY blocks spam and very rarely legitimate > emails (we use this list for our personal emails too). ORDB (ordb.ORG) lists open relays, SPEWS lists spammers. Using ORDB is very effective for blocking spammers who abuse open relays, but SPEWS can stop the direct spammers and their hosts. Unless one's customers are clueful enough to be able to report spam I would recommend using relays.ordb.org and relays.osirusoft.com (or bl.spamcop.net when it is ready). I have found that my users are more understanding of the possibility of a legitimate e-mail being bounced when it comes from a bad source, than their e-mail address on a web site resulting in all sorts of dubious offers. > Spews is supposedly > "early warning", hence if the owner of Spews "thinks" there "may" be spam > coming from a certain place, they block if off first, whether or not spam > will really come through there or not. Not in my experience. They block networks owned by spammers and they block networks which host spammers. I have yet to see SPEWS block a responsible user on a clean network. It is all too easy for spammers to spew from one location while hosting at another, and SPEWS recognises that. > automated testing to block mail servers, rather than rely on the decision > of one or two unaccountable people with their own ideas. SPEWS is accountable to every person who uses SPEWS. If we don't like their decisions we don't use their list. At the moment it seems the number of people who use SPEWS is growing, because it is proving very effective at blocking spammers and encouraging networks to be more responsible. -- Mark
Re: *****SPAM***** Re: unstable is "unstable"; stable is "outdated"]
On 02 Feb 2002, Jason Lim (of Zentek?) wrote: > Unfortunately, Spews and OSIRUS (they use Spews' list, so essentially the > same applies) have listed many ISPs in Hong Kong and around Asia Because they run open relays or insecure proxies, host spamware or spamvertised web sites, and ignore abuse reports. Just like rogue ISPs in Europe and the Americas are listed. I am not surprised if Zentek is blocked. In Q1 2001 I received many UCEs advertising sites hosted at zentek.net, and last week I even started getting spam to message-ids of abuse reports I had sent to zentek.net! http://spews.org/html/S475.html > That is why we suggest that businesses use ORDB (http://www.ordb.com) as > it blocks most spam, but ONLY blocks spam and very rarely legitimate > emails (we use this list for our personal emails too). ORDB (ordb.ORG) lists open relays, SPEWS lists spammers. Using ORDB is very effective for blocking spammers who abuse open relays, but SPEWS can stop the direct spammers and their hosts. Unless one's customers are clueful enough to be able to report spam I would recommend using relays.ordb.org and relays.osirusoft.com (or bl.spamcop.net when it is ready). I have found that my users are more understanding of the possibility of a legitimate e-mail being bounced when it comes from a bad source, than their e-mail address on a web site resulting in all sorts of dubious offers. > Spews is supposedly > "early warning", hence if the owner of Spews "thinks" there "may" be spam > coming from a certain place, they block if off first, whether or not spam > will really come through there or not. Not in my experience. They block networks owned by spammers and they block networks which host spammers. I have yet to see SPEWS block a responsible user on a clean network. It is all too easy for spammers to spew from one location while hosting at another, and SPEWS recognises that. > automated testing to block mail servers, rather than rely on the decision > of one or two unaccountable people with their own ideas. SPEWS is accountable to every person who uses SPEWS. If we don't like their decisions we don't use their list. At the moment it seems the number of people who use SPEWS is growing, because it is proving very effective at blocking spammers and encouraging networks to be more responsible. -- Mark -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
*****SPAM***** Re: unstable is "unstable"; stable is "outdated"]
Hi, Thank you for telling me. Unfortunately, Spews and OSIRUS (they use Spews' list, so essentially the same applies) have listed many ISPs in Hong Kong and around Asia, meaning many of us over here are blocked from sending emails to the USA if a company uses Spews. That is why we suggest that businesses use ORDB (http://www.ordb.com) as it blocks most spam, but ONLY blocks spam and very rarely legitimate emails (we use this list for our personal emails too). Spews is supposedly "early warning", hence if the owner of Spews "thinks" there "may" be spam coming from a certain place, they block if off first, whether or not spam will really come through there or not. ORDB, on the other hand, uses automated testing to block mail servers, rather than rely on the decision of one or two unaccountable people with their own ideas. Telstra in Australia, PCCW (Pacific Century Cyberworks/ Hong Kong Telecom), Singtel, and others in Asia have many netblocks listed in Spews. Sprint is also has large chunks of netblocks blocked. We used it before and had too much legitimate business email blocked. So, again, thanks for telling me, but there is little I can do to unblock Asian ISPs. Spews is unaccountable to anyone and no one can contact them (which they say on their website). They have banged heads with many ISPs in Asia... maybe the owner of Spews is "overly patriotic" to the USA to the point of being racist (but I'll leave that discussion there). Sincerely, Jason - Original Message - From: "Oliver Andrich" <[EMAIL PROTECTED]> To: "Jason Lim" <[EMAIL PROTECTED]> Sent: Saturday, February 02, 2002 8:52 AM Subject: [EMAIL PROTECTED]: *SPAM* Re: unstable is "unstable"; stable is "outdated"] Hi, may be it is of interest to you, that the mailservers of your provider are in a anti-spam list. If not, just delete this mail. Discovered it, when my spamassassin caugth your email. Best regards, Oliver -- -- --- Oliver Andrich | Tel.: 0261-5009075 IT Projektmanagement,| Mobil: 0172-6538591 Systemprogrammierung und -design | Fax: 069-13305990076 | Email: [EMAIL PROTECTED] -- --- Fingerpring: 2AB5 B998 8BD2 AC3A E12A 3A8A 171E 5B1B EC4B 3C2B -- ---
*****SPAM***** Re: unstable is "unstable"; stable is "outdated"]
Hi, Thank you for telling me. Unfortunately, Spews and OSIRUS (they use Spews' list, so essentially the same applies) have listed many ISPs in Hong Kong and around Asia, meaning many of us over here are blocked from sending emails to the USA if a company uses Spews. That is why we suggest that businesses use ORDB (http://www.ordb.com) as it blocks most spam, but ONLY blocks spam and very rarely legitimate emails (we use this list for our personal emails too). Spews is supposedly "early warning", hence if the owner of Spews "thinks" there "may" be spam coming from a certain place, they block if off first, whether or not spam will really come through there or not. ORDB, on the other hand, uses automated testing to block mail servers, rather than rely on the decision of one or two unaccountable people with their own ideas. Telstra in Australia, PCCW (Pacific Century Cyberworks/ Hong Kong Telecom), Singtel, and others in Asia have many netblocks listed in Spews. Sprint is also has large chunks of netblocks blocked. We used it before and had too much legitimate business email blocked. So, again, thanks for telling me, but there is little I can do to unblock Asian ISPs. Spews is unaccountable to anyone and no one can contact them (which they say on their website). They have banged heads with many ISPs in Asia... maybe the owner of Spews is "overly patriotic" to the USA to the point of being racist (but I'll leave that discussion there). Sincerely, Jason - Original Message - From: "Oliver Andrich" <[EMAIL PROTECTED]> To: "Jason Lim" <[EMAIL PROTECTED]> Sent: Saturday, February 02, 2002 8:52 AM Subject: [[EMAIL PROTECTED]: *SPAM* Re: unstable is "unstable"; stable is "outdated"] Hi, may be it is of interest to you, that the mailservers of your provider are in a anti-spam list. If not, just delete this mail. Discovered it, when my spamassassin caugth your email. Best regards, Oliver -- -- --- Oliver Andrich | Tel.: 0261-5009075 IT Projektmanagement,| Mobil: 0172-6538591 Systemprogrammierung und -design | Fax: 069-13305990076 | Email: [EMAIL PROTECTED] -- --- Fingerpring: 2AB5 B998 8BD2 AC3A E12A 3A8A 171E 5B1B EC4B 3C2B -- --- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]