Re: Israeli ISP and Blacklisting
On Fri, Jul 25, 2008 at 8:40 AM, Imri Zvik <[EMAIL PROTECTED]> wrote: > Let me get this straight - You claim you already know of a specific user > that is abusing you over and over. You complain that this ISP is not willing > to help. I'm offering to help you, and I'm in the position to do so. > You refuse with the lame excuse I (or the company I work for) might sue > you? COME ON. Sounds quite evasive to me. If you really care and want > something to be done, you can use my help - If you want to continue with > this trolling, please, stop wasting my time. > > This doesn't become you, Imri. I will send the LIST OF USERS that are spamming me to the abuse address. If hypothetically, you are the ISP discussed, you should be able to help me then. Just give me some time to write a python script to download my spam folders and sort through the headers to find them. Besides, what good does it do to me that you're going to close the users' account this one singular time? I'm talking about years of continued abuse by many of your users. It's not going to be a one-off, and if mail to abuse doesn't seem to help, this one-off isn't going to do much of a difference anyway. So if I automate my scripts to the level that I can trust them to run unattended, I might be able to make it run on a regular basis and send automated messages to abuse, complete with headers and PGP signed, and then create a graph showing exactly how effective the abuse complaints are (i.e. how many messages I got after the first complaint and for how long). It might be an interesting experiment. I have however just recently relocated and am still pretty busy in a new role, location, country and continent so it will take some time. If it works out I might even do it for all Israeli ISPs and track it on a web page... Hmm... -- Arik
Re: Israeli ISP and Blacklisting
2008/7/24 Imri Zvik <[EMAIL PROTECTED]>: > How many people in this list thinks it's a good idea? > By default, yes. If someone needs to send email from localhost, let them specifically request it from their ISP. Then they can't claim stupid when SPAM is sent from their IP (be it static or dynamic). -- Dotan Cohen http://what-is-what.com http://gibberish.co.il א-ב-ג-ד-ה-ו-ז-ח-ט-י-ך-כ-ל-ם-מ-ן-נ-ס-ע-ף-פ-ץ-צ-ק-ר-ש-ת A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
RE: Israeli ISP and Blacklisting [summary and stop]
1. vauge and general, what can I do with with misconfigured systems around the globe? These system might not return a bounce for many other rejections/errors. How can you *ever* know? 2. So now *you* are deciding for other people (say, Oleg) what to do with their internet access? Who died and made you the queen? What if customer of ISP X still wants to use his email account at ISP Y? I can tell you for a fact there are more than one client who does that. The fact *you* don't follow this use case doesn't mean other people aren't either. uceprotect is an example for a *bad* way to fight spam. The way they want is just like taking the driving licences from everybody and make them ride the bus, just because some people are speeding. It's not that other RBLs doesn't block - it's just that most of them are doing it in a much more sane and productive way. From: Noam Rathaus [mailto:[EMAIL PROTECTED] Date: ה 24/07/2008 18:21 To: Imri Zvik Cc: linux-il Subject: Re: Israeli ISP and Blacklisting [summary and stop] Hi, 1) You are right, but not every plays by the rules, we recently had to prevent ezmlm from sending bounces for unsubscribed people as it was being used for spam, and getting us spam marked - so playing by the rules might be the right thing, but it is not always the intelligent thing to do. 2) I heard you the 10th time, I told you don't block, I think in today's world it is reasonable to block port 25, people either use: a) web mail (Gmail, Yahoo, Walla, etc) b) corporate mail via VPN c) home mail (outlook express, etc) at home None of this falls under the Internet cafe problem, and I know, as I drank quite a few cafes in my life. uceprotect is one example, if I had another one I would show it, sorry, doesn't mean its not the right/wrong example. On Thursday 24 July 2008 17:46:51 Imri Zvik wrote: > 1. Usually it would block the sending system during the SMTP session - so > if the mail system you are using is properly configured you should get ALL > the bounces. > > 2. You ignored my repeated question - Do you think blocking port 25 all > together (as they suggest) is a good idea? Keep in mind that if all ISPs > where to implement that, and you are a Netvision customer, for example, and > want to send email through 012 Smile mail system using your username and > password at 012, It wouldn't be possible. > > If you are sitting at some coffee place that offers free wifi with ISP > different than yours, and want to send an email using your ISP mail > servers, you wouldn't be able to do that. > > If you have your own mail server and don't want to route your email through > your ISP - you wouldn't be able to do that. > > This is the *only* way you can live up to uceprotect's expectations in the > long run. > > I am *really* interested to know how many users in this list are pro this > suggestion, and how many are against it. > > > > > -Original Message- > From: Noam Rathaus [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 24, 2008 5:13 PM > To: Imri Zvik > Cc: linux-il > Subject: Re: Israeli ISP and Blacklisting [summary and stop] > > Hi, > > I am not completely blocked, but I don't want to be partially blocked > either. > > At least two emails bounced (to two unique destinations) saying we were > blacklisted, I cannot tell you how many were blocked and didn't bounce - it > will take me days, if ever to know. > > I will solve your security problems, can't help you with your spam problems > - not my expertise. > > Arik didn't disappear, maybe he has work to do beside answering emails here > - I trust Arik to get back to you. > > On Thursday 24 July 2008 17:06:04 Imri Zvik wrote: > > Again, you are putting it as if you are completely blocked and you cannot > > send mails at all. Can you please tell me how many of your mails were > > blocked due to this listing, and to how many unique destinations? > > > > Only one person (Arik) complained about actual problem, and when I asked > > for information he disappeared. > > > > It seems you don't really want to solve anything, or suggest any feasible > > solutions. > > > > I ask again - do you think blocking port 25 completely is a good idea? > > Can you live with that? How many people in this list thinks it's a good > > idea? > > > > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Noam Rathaus Sent: > > Thursday, July 24, 2008 4:33 PM > > To: linux-il > > Subject: Re: Israeli ISP and Blacklisting [summary and stop] > > > > Hi, > > > > My last email on the subject :) > > > > As it appears that some people are pro-ISP, some are con-ISP, and I don't > > care which is which > > > > All I wanted to see, whether this is a global issue, apparently it is, > > more than one is willing to talk about it, I believe others simply don't > > know they are blacklisted, others have yet to be affected by it, and > > others more don't know they are affected. > >
RE: Israeli ISP and Blacklisting
Let me get this straight - You claim you already know of a specific user that is abusing you over and over. You complain that this ISP is not willing to help. I'm offering to help you, and I'm in the position to do so. You refuse with the lame excuse I (or the company I work for) might sue you? COME ON. Sounds quite evasive to me. If you really care and want something to be done, you can use my help - If you want to continue with this trolling, please, stop wasting my time. From: [EMAIL PROTECTED] בשם Arik Baratz Date: ה 24/07/2008 18:09 To: Imri Zvik; linux-il Subject: Re: Israeli ISP and Blacklisting On Thu, Jul 24, 2008 at 11:22 PM, Imri Zvik <[EMAIL PROTECTED]> wrote: I can only assume you are addressing me. Due to the latest trend of libel suits, I cannot confirm nor deny. You are just flaming now. You have no idea what we are doing to stop or fight spam, and this public list is not the place to list those things. For the particular ISP I was talking about, I know that the same authenticated user has sent me messages after several complaints, so I know for a fact that the same user keeps spamming. I'm only answering you here because I don't want to create the state of "שתיקה כהודאה" (silence as admittance, lit trans) 2. If you have any repeating issues with spammers using our mail system, I would be GLAD to know about it. Please provide me with full headers. I appreciate your suggestion. I will obviously not contact you because that would mean that you are the ISP I was talking about. I will however make an attempt to create a compendium of the headers from the last 30 days of spam that I have and send it to the abuse address of the offending ISP. It will take me some time as analyzing 1000s of spam messages means that I need to write code to do it, but I will get to it eventually. -- Arik
Re: Israeli ISP and Blacklisting [summary and stop]
On Thursday, 24 בJuly 2008, Noam Rathaus wrote: > Oh a friend of mine (thanks) pointed me to this: > ISPs that block Port 25 > > This list contains some of the major ISPs that block port 25 on their > servers That does not mean we want every ISP to copy their behaviour. > Comcast ATTBI Yes, those are the ones that were caught red-handed playing games with their customers P2P traffic and are under federal investigation. Good example indeed. We have enough reason to suspect (big understatement) that our ISP's are very keen on doing what these "big boys" are doing. Thanks, but no thanks. I'll second Oleg -- ISP's are not and should not be allowed messing with their customers traffic! Regarding spam. AFAIR, in the standard contract with ISP's the customer already agree not to use the account for any illegal purpose, blah, blah,... If/when spam is formally illegal (I think the severe cases are already covered by current law in Israel, but not sure) there would not be a problem applying this in various ways: closing the account, taking legal actions (e.g: compensation for the collateral damage caused by the spammer etc.) Let's not try to use a cure that is worse than the disease. -- Oron Peled Voice/Fax: +972-4-8228492 [EMAIL PROTECTED] http://www.actcom.co.il/~oron "UNIX was not designed to stop you from doing stupid things, because that would also stop you from doing clever things." --Doug Gwyn To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli ISP and Blacklisting
shimi <[EMAIL PROTECTED]> writes: > Do you have any better solution? :) Well, merits and downsides of different solutions may be (and are) discussed at length. I do not intend to spend my time on it. However, I do postulate the following: no solution that prevents me from doing something perfectly legal and normal just because someone else somewhere *may* be doing something nasty is utterly unacceptable. Any solution that does not impose this restriction on me is better. Filtering IP addresses is a crude and rude workaround with unacceptable side effects and not a solution of the actual problem. Generalizing further, ISPs must not filter *anything* by default, unless specifically requested by the client. I have used my own SMTP server for years (on a dial-up, and later on a DSL connection, until a few months ago), and I can recall only two recipients who rejected my emails because of it - that foreign ISP that I mentioned earlier and HaifaU. As I mentioned, I encountered one major email service that filtered my (then) ISP's mail servers. So based on a representative sample of one I guess blacklists blocking all (or Israeli) dial-up/DSL addresses are not used much. -- Oleg Goldshmidt | [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli ISP and Blacklisting
On Thu, Jul 24, 2008 at 8:17 PM, Oleg Goldshmidt <[EMAIL PROTECTED]> wrote: > shimi <[EMAIL PROTECTED]> writes: > > > Or did you just use users dial-up/DSL/cable IP ranges in your test, > > which SHOULD be blacklisted (why would a home user need to emit SMTP > > traffic on his own instead of his ISP SMTP servers, where proper > > authentication and thus logging and auditing can be taken care of? > > I am sorry? Why shouldn't I be able to use my own SMTP server and > instead be forced to rely on someone else's that might or might not > work better than mine, be blacklisted, or whatever? Why should I > *need* my own SMTP server? Sorry, but it's none of anyone's > business. Avoiding the ISP's "logging and auditing" can be reason > enough. If _every_ spammer on earth (including "what do you wanr from us? we have an opt-out option!") would be sent to jail for a couple of years, I would totally agree with you. However, my filters block between _hundreds_ to _thousands_ of spam messages _per day_, most of them coming from... those addresses. So it makes some sense to have a list of them... In a perfect world, I would agree with you completely; It is a hassle to use a smarthost indeed. But until there would be some way of non-centralized origin-authenticated SMTP with a web-of-trust domain list (so people will not just register new domains to evade blacklisting) that you could configure a "positive-trust-threshold" you agree to receive mail from - I think that having an RBL that lists spamming netblocks is a Good To Have thing. It is the receiver who shall decide if s/he wishes to receive traffic from people listed there... better than blocking port 25 alltogether... Do you have any better solution? :) -- Shimi
Re: Israeli ISP and Blacklisting
shimi <[EMAIL PROTECTED]> writes: > Or did you just use users dial-up/DSL/cable IP ranges in your test, > which SHOULD be blacklisted (why would a home user need to emit SMTP > traffic on his own instead of his ISP SMTP servers, where proper > authentication and thus logging and auditing can be taken care of? I am sorry? Why shouldn't I be able to use my own SMTP server and instead be forced to rely on someone else's that might or might not work better than mine, be blacklisted, or whatever? Why should I *need* my own SMTP server? Sorry, but it's none of anyone's business. Avoiding the ISP's "logging and auditing" can be reason enough. I recall that at one point of time, not so long ago, I found out that a particular foreign ISP that shall remain unnamed used exactly the type of blocking you advocate (e.g., refuse all emails not coming from "authorized" servers - by the way, it is not blacklisting, it is effectively whitelisting, i.e., everything is blocked by default except what we decide to allow). I decided to switch my home SMTP server to use my ISP (that shall remain unnamed) as smarthost, and quickly found out that my mail no longer gets to yahoo.com. Guess what - I send much more email to yahoo.com addresses than to the particular foreign ISP that implemented the stupid policy. In fact, I don't think I have sent a single email to any address of theirs ever since. > Most RBLs will list all non-ISP-managed block ranges for the above > reasons, regardless of their location on the globe... And in any geographical location with half-decent regulation this should be outlawed outright - it is not up to an ISP or carrier to decide what service I can or cannot run on my computers. -- Oleg Goldshmidt | [EMAIL PROTECTED] = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
RE: Israeli ISP and Blacklisting
It means they have 208 IPs that sent at least *one* spam in the past 7 days from a range that includes 131070 hosts! The way they are calculating it, it means it could be that they only got 208 spam emails in the last 7 days, and that was enough to block the whole A class. I'm sorry, but this is not reasonable - It doesn't even leave room for the ISP to cooperate and deal with the spammer. I need to understand - are you in favor of blocking port 25? How many people in this list thinks it's a good idea? -Original Message- From: Noam Rathaus [mailto:[EMAIL PROTECTED] Sent: Thursday, July 24, 2008 4:36 PM To: Imri Zvik Cc: shimi; linux-il Subject: Re: Israeli ISP and Blacklisting Just my two cents, I checked a few IP addresses that are listed under the AS of zahav.net.il, as well as the mail server of zahav.net.il And it is very close to getting RBL blocked: 84.94.0.0/15 - ATTENTION Increased Listingrisk - Level 1 listed spammers within the last 7 days 208 -Escalation to Level 2 by Level 1 records 445 But ignore it, as this RBL (http://www.uceprotect.net/en/rblcheck.php) is nothing to worry about, as you mentioned - rarely used or trusted. On Thursday 24 July 2008 16:30:50 Imri Zvik wrote: > Shimi, > > > > I cannot speak on behalf of other ISPs, but if you have problems with the > one I'm working at, please share the information with me, and I promise you > I will get to the bottom of this. > > > > Bottom line, I can assure you that *WE* are doing *a lot* to deal with spam > from our mail system/network. Again, as evidence we have good scores at big > and widely used RBLs. > > I also know, from second hand, that the other ISPs are also putting a lot > of efforts in order to deal with this issue. > > This all discussion started from *one* RBL which is notorious for its harsh > treatment. No one provided any specific problem, and everybody jumped into > the conclusion that if this RBL is blocking you, it means you are not doing > anything to deal with spam. This conclusion is just wrong. > > > > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of shimi > Sent: Thursday, July 24, 2008 4:16 PM > To: Imri Zvik > Cc: Noam Rathaus; linux-il > Subject: Re: Israeli ISP and Blacklisting > > > > Imri, > > On Thu, Jul 24, 2008 at 3:57 PM, Imri Zvik <[EMAIL PROTECTED]> wrote: > > How do you know abuse@ doesn't "really take care of users"? It seems like > your whole response is generalizing and vague. > > > I know because if after two weeks from their reply that they will "handle > it" I see the same user doing the same thing again from the same ISP, > then... > > What does an AUP worth if it is not enforced? > > The whole Israeli spam market is dominated by a VERY little amount of > people, and there is a reason that they're still spamming. Given that there > are like 3 ISPs in the country nowdays, they're not doing so because they > jump from an ISP to ISP after each one is denying them service, rather then > because they're paying customers, and denying them service means less > income. > > > > I don't see how the old QoS argument as anything to do with dealing with > abuse. I must remind you that downloading copyrighted materiel is > officially abuse too. > > > It does for a very simple reason; ISPs care only about cashflow. Removing > bad users from the possibility to get service leads for less profits. > Paying more for bandwidth leads for less profits. > > Re. your comment about copyrighted material, I have three things to say: > > 1.I don't really understand how is that abuse; You're not attacking any > system, and you're distrubing no-one (besides RIAA, BSA and others - but > that's not abuse). 2. The ISPs want to play the police and court? Fine, I > guess it's their right (and being a FOSS user, I couldn't care less...) - > if the law permits them to observe traffic and sabotage it - I have no > problem with that (what about BitTorrent to download the latest Linux > release?) 3. They DENY the fact that they're doing it! They claim that > "there are no means to do that!". If you don't believe me, read official > commentary from various spokesmen in Ynet articles regarding slow P2P in > various ISPs. > > Finally, I was not even talking about P2P - that was YOUR assumption. > They're [at least some of them] QoSing NON-HTTP traffic. Like CVS checkout > from an Open Source project, or my connection to an IRC network (how else > can you explain a 180ms ICMP but a 1 second IRC "ping" command roundtrip?). > How is that an abuse or illegal? > > But that's really OT, so let's stop here. I was just giving another example > for "we deserve this for not standing for our customer rights". > > -- Shimi -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007
Re: Israeli ISP and Blacklisting [summary and stop]
Oh a friend of mine (thanks) pointed me to this: ISPs that block Port 25 This list contains some of the major ISPs that block port 25 on their servers (http://www.postcastserver.com/help/Port_25_Blocking.aspx): AT&T (can be unblocked at the request) MindSpring BellSouth MSN CableOne NetZero Charter People PC Comcast ATTBI Sprynet Cox Sympatico.ca EarthLink Verio Flashnet Verizon MediaOne All are ISPs that understand the problem port 25 poses, and decided to do something On Thursday 24 July 2008 18:21:57 Noam Rathaus wrote: > Hi, > > 1) You are right, but not every plays by the rules, we recently had to > prevent ezmlm from sending bounces for unsubscribed people as it was being > used for spam, and getting us spam marked - so playing by the rules might > be the right thing, but it is not always the intelligent thing to do. > > 2) I heard you the 10th time, I told you don't block, I think in today's > world it is reasonable to block port 25, people either use: > a) web mail (Gmail, Yahoo, Walla, etc) > b) corporate mail via VPN > c) home mail (outlook express, etc) at home > > None of this falls under the Internet cafe problem, and I know, as I drank > quite a few cafes in my life. > > uceprotect is one example, if I had another one I would show it, sorry, > doesn't mean its not the right/wrong example. > > On Thursday 24 July 2008 17:46:51 Imri Zvik wrote: > > 1. Usually it would block the sending system during the SMTP session - so > > if the mail system you are using is properly configured you should get > > ALL the bounces. > > > > 2. You ignored my repeated question - Do you think blocking port 25 all > > together (as they suggest) is a good idea? Keep in mind that if all ISPs > > where to implement that, and you are a Netvision customer, for example, > > and want to send email through 012 Smile mail system using your username > > and password at 012, It wouldn't be possible. > > > > If you are sitting at some coffee place that offers free wifi with ISP > > different than yours, and want to send an email using your ISP mail > > servers, you wouldn't be able to do that. > > > > If you have your own mail server and don't want to route your email > > through your ISP - you wouldn't be able to do that. > > > > This is the *only* way you can live up to uceprotect's expectations in > > the long run. > > > > I am *really* interested to know how many users in this list are pro this > > suggestion, and how many are against it. > > > > > > > > > > -Original Message- > > From: Noam Rathaus [mailto:[EMAIL PROTECTED] > > Sent: Thursday, July 24, 2008 5:13 PM > > To: Imri Zvik > > Cc: linux-il > > Subject: Re: Israeli ISP and Blacklisting [summary and stop] > > > > Hi, > > > > I am not completely blocked, but I don't want to be partially blocked > > either. > > > > At least two emails bounced (to two unique destinations) saying we were > > blacklisted, I cannot tell you how many were blocked and didn't bounce - > > it will take me days, if ever to know. > > > > I will solve your security problems, can't help you with your spam > > problems - not my expertise. > > > > Arik didn't disappear, maybe he has work to do beside answering emails > > here - I trust Arik to get back to you. > > > > On Thursday 24 July 2008 17:06:04 Imri Zvik wrote: > > > Again, you are putting it as if you are completely blocked and you > > > cannot send mails at all. Can you please tell me how many of your mails > > > were blocked due to this listing, and to how many unique destinations? > > > > > > Only one person (Arik) complained about actual problem, and when I > > > asked for information he disappeared. > > > > > > It seems you don't really want to solve anything, or suggest any > > > feasible solutions. > > > > > > I ask again - do you think blocking port 25 completely is a good idea? > > > Can you live with that? How many people in this list thinks it's a good > > > idea? > > > > > > > > > -Original Message- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] On Behalf Of Noam Rathaus Sent: > > > Thursday, July 24, 2008 4:33 PM > > > To: linux-il > > > Subject: Re: Israeli ISP and Blacklisting [summary and stop] > > > > > > Hi, > > > > > > My last email on the subject :) > > > > > > As it appears that some people are pro-ISP, some are con-ISP, and I > > > don't care which is which > > > > > > All I wanted to see, whether this is a global issue, apparently it is, > > > more than one is willing to talk about it, I believe others simply > > > don't know they are blacklisted, others have yet to be affected by it, > > > and others more don't know they are affected. > > > > > > And me as the person wanting to send emails in a non-spam and legal way > > > is left with the only alternative to move out his servers from Israel - > > > specifically the mail server - as Israeli ISPs are RBLed - YES YES just > > > one RBL and he is a bad bad RBL - which asks too many things - but > > > apparently some ISPs ag
Re: Israeli ISP and Blacklisting [summary and stop]
On Fri, Jul 25, 2008 at 12:13 AM, Noam Rathaus <[EMAIL PROTECTED]> wrote: > > Arik didn't disappear, maybe he has work to do beside answering emails here > - > I trust Arik to get back to you. > > > Only one person (Arik) complained about actual problem, and when I asked > > for information he disappeared. > > Nope I didn't disappear - I sent a message 35 minutes ago to the list - wasn't it received? -- Arik
RE: Israeli ISP and Blacklisting
You are again misreading what I wrote. I never said we are not dealing with it, but that I don't think that blocking people access all together is a good solution. Again, you are clinging to *ONE* RBL, ignoring the *GOOD* scores at other major RBLs. Please don't distort my words. -Original Message- From: Noam Rathaus [mailto:[EMAIL PROTECTED] Sent: Thursday, July 24, 2008 4:43 PM To: Imri Zvik Cc: Omer Zak; linux-il Subject: Re: Israeli ISP and Blacklisting Imri, Ok - don't block anything. Continue as usual I understand that this war was lost when I renewed my contract for server hosting in Israel. I should have seen this and moved them to somewhere better. If that doesn't bring to light the issue - causes to to understand that this needs to be resolved, I guess I didn't do my job correctly. On Thursday 24 July 2008 16:37:50 Imri Zvik wrote: > Noam, > > You do realize that what you mean is that the ISP will block port 25 all > together - meaning, that all of you people running your own mail server > at home will be forced to use your ISP as a smarthost (either with > manual configuration, or using traffic redirection at the ISP routers). > > I'm sure you already forgot, but when the ISPs blocked the netbios ports > few years ago in order to stop worms outbreaks, a lot of people > complained that the ISPs shouldn't block ports at all. > > > > -Original Message- > From: Noam Rathaus [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 24, 2008 4:24 PM > To: Imri Zvik > Cc: Omer Zak; linux-il > Subject: Re: Israeli ISP and Blacklisting > > Hi, > > This RBL, even if is a bit extremist, is something used by a few of our > customers's commercial spam filtering product. > > So this affects not just me, but others, but I am getting the feeling > here > that the messenger is getting shot, and we are giving a lean hand to the > > ISPs, as it is too difficult to "protected themselves". > > But if you are happy with the level of service Israeli ISPs are giving, > enjoy, > I think for one, customers should demand better. > > This debate brings me back to the day when Code Red was bringing down > servers, > and people complained that ISPs wouldn't block offending computers, and > the > ISPs retaliated with freedom of speak and moving response - silly. Same > here, > the ISP should prevent SPAM I don't care how, but they should, I am > working > with T-Mobile both in Europe and in United States, and you (as an end > customer) send out mail directly unless it goes through their SMTP > servers - > if you have a VPN do whatever you want. > > BTW The company takes money in order to discourge people from nagging > them to > get removed. > > On Thursday 24 July 2008 15:45:03 Imri Zvik wrote: > > Noam, > > Again, and I will try to type it slowly so you can understand - You > > are > > > talking about *ONE* RBL, which is notorious for blocking whole AS, and > > refusing to work with it's abuse departments. You are clinging to this > > RBL listing as if being listed at this particular RBL means that we > > (as > > > in Israel or the ISP) are now completely cut-off from the world, or > > that > > > if you are listed in this RBL it means your ISP is doing nothing to > > fight abuse. > > > > It's either you misunderstand how extreme this RBL is, and how fast > > and > > > for how little they block a whole AS, or you are just trying to flame. > > > > > > > > -Original Message- > > From: Noam Rathaus [mailto:[EMAIL PROTECTED] > > Sent: Thursday, July 24, 2008 3:09 PM > > To: Imri Zvik > > Cc: Omer Zak; linux-il > > Subject: Re: Israeli ISP and Blacklisting > > > > Hi, > > > > You are right, it is easy to get RBLed, and semi-easy to get out of an > > RBL, > > but it doesn't help to email abuse@ or anything else, if your ISP is > > marked > > as bad. > > > > On Thursday 24 July 2008 14:31:48 Imri Zvik wrote: > > > *Sigh* Don't you have anything better to do? I can report that > > Israeli > > > > ISPs get decent cooperation (well most of the times, and from most > > > RBLs). No one is going to block Israel completely. > > > > > > If you have a specific email that was blocked, or a specific RBL > > (with > > > > reasonable demands) you want to be removed from, please email abuse@ > > > > > > -Original Message- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] On Behalf Of Omer Zak > > > Sent: Thursday, July 24, 2008 1:38 PM > > > To: linux-il > > > Subject: Re: Israeli ISP and Blacklisting > > > > > > I have E-mailed my ISP about this. > > > > > > You may want to add to your E-mail to your ISP also your concerns > > that > > > > since ALL Israeli ISPs are blacklisted, the entire country is in > > > > danger > > > > > of being backlisted as a country. > > > > > > While the real reason for such an action would be political, the > > spam > > > > handling situation is too convenient excuse to pass up. > > > > > > On Thu, 2008-07-24 at 12:57 +0300, Noam Rathaus wrote: > > > > Hi, > > > > >
Re: Israeli ISP and Blacklisting [summary and stop]
Hi, 1) You are right, but not every plays by the rules, we recently had to prevent ezmlm from sending bounces for unsubscribed people as it was being used for spam, and getting us spam marked - so playing by the rules might be the right thing, but it is not always the intelligent thing to do. 2) I heard you the 10th time, I told you don't block, I think in today's world it is reasonable to block port 25, people either use: a) web mail (Gmail, Yahoo, Walla, etc) b) corporate mail via VPN c) home mail (outlook express, etc) at home None of this falls under the Internet cafe problem, and I know, as I drank quite a few cafes in my life. uceprotect is one example, if I had another one I would show it, sorry, doesn't mean its not the right/wrong example. On Thursday 24 July 2008 17:46:51 Imri Zvik wrote: > 1. Usually it would block the sending system during the SMTP session - so > if the mail system you are using is properly configured you should get ALL > the bounces. > > 2. You ignored my repeated question - Do you think blocking port 25 all > together (as they suggest) is a good idea? Keep in mind that if all ISPs > where to implement that, and you are a Netvision customer, for example, and > want to send email through 012 Smile mail system using your username and > password at 012, It wouldn't be possible. > > If you are sitting at some coffee place that offers free wifi with ISP > different than yours, and want to send an email using your ISP mail > servers, you wouldn't be able to do that. > > If you have your own mail server and don't want to route your email through > your ISP - you wouldn't be able to do that. > > This is the *only* way you can live up to uceprotect's expectations in the > long run. > > I am *really* interested to know how many users in this list are pro this > suggestion, and how many are against it. > > > > > -Original Message- > From: Noam Rathaus [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 24, 2008 5:13 PM > To: Imri Zvik > Cc: linux-il > Subject: Re: Israeli ISP and Blacklisting [summary and stop] > > Hi, > > I am not completely blocked, but I don't want to be partially blocked > either. > > At least two emails bounced (to two unique destinations) saying we were > blacklisted, I cannot tell you how many were blocked and didn't bounce - it > will take me days, if ever to know. > > I will solve your security problems, can't help you with your spam problems > - not my expertise. > > Arik didn't disappear, maybe he has work to do beside answering emails here > - I trust Arik to get back to you. > > On Thursday 24 July 2008 17:06:04 Imri Zvik wrote: > > Again, you are putting it as if you are completely blocked and you cannot > > send mails at all. Can you please tell me how many of your mails were > > blocked due to this listing, and to how many unique destinations? > > > > Only one person (Arik) complained about actual problem, and when I asked > > for information he disappeared. > > > > It seems you don't really want to solve anything, or suggest any feasible > > solutions. > > > > I ask again - do you think blocking port 25 completely is a good idea? > > Can you live with that? How many people in this list thinks it's a good > > idea? > > > > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Noam Rathaus Sent: > > Thursday, July 24, 2008 4:33 PM > > To: linux-il > > Subject: Re: Israeli ISP and Blacklisting [summary and stop] > > > > Hi, > > > > My last email on the subject :) > > > > As it appears that some people are pro-ISP, some are con-ISP, and I don't > > care which is which > > > > All I wanted to see, whether this is a global issue, apparently it is, > > more than one is willing to talk about it, I believe others simply don't > > know they are blacklisted, others have yet to be affected by it, and > > others more don't know they are affected. > > > > And me as the person wanting to send emails in a non-spam and legal way > > is left with the only alternative to move out his servers from Israel - > > specifically the mail server - as Israeli ISPs are RBLed - YES YES just > > one RBL and he is a bad bad RBL - which asks too many things - but > > apparently some ISPs agree to doing it. > > > > On Thursday 24 July 2008 15:58:42 you wrote: > > > On Thu, Jul 24, 2008 at 10:11 PM, Noam Rathaus > > > <[EMAIL PROTECTED]> wrote: > > > > > > I am taking my "stuff" elsewhere, the ISP's responsibility is to > > > provide > > > > > > > service, and it should be good service - meaning stopping others from > > > > abusing > > > > the network, which in turn is used against me - as I am blocked in an > > > > RBL. > > > > > > Let me suggest a radical idea. > > > > > > I think that it is a good thing that Israel will be blocked in as many > > > RBLs as possible. > > > > > > And here's why. For the people on this list, it's a big deal but not > > > critical. I put it to you that most companies will deal with it one way >
RE: Israeli ISP and Blacklisting [summary and stop]
1. Usually it would block the sending system during the SMTP session - so if the mail system you are using is properly configured you should get ALL the bounces. 2. You ignored my repeated question - Do you think blocking port 25 all together (as they suggest) is a good idea? Keep in mind that if all ISPs where to implement that, and you are a Netvision customer, for example, and want to send email through 012 Smile mail system using your username and password at 012, It wouldn't be possible. If you are sitting at some coffee place that offers free wifi with ISP different than yours, and want to send an email using your ISP mail servers, you wouldn't be able to do that. If you have your own mail server and don't want to route your email through your ISP - you wouldn't be able to do that. This is the *only* way you can live up to uceprotect's expectations in the long run. I am *really* interested to know how many users in this list are pro this suggestion, and how many are against it. -Original Message- From: Noam Rathaus [mailto:[EMAIL PROTECTED] Sent: Thursday, July 24, 2008 5:13 PM To: Imri Zvik Cc: linux-il Subject: Re: Israeli ISP and Blacklisting [summary and stop] Hi, I am not completely blocked, but I don't want to be partially blocked either. At least two emails bounced (to two unique destinations) saying we were blacklisted, I cannot tell you how many were blocked and didn't bounce - it will take me days, if ever to know. I will solve your security problems, can't help you with your spam problems - not my expertise. Arik didn't disappear, maybe he has work to do beside answering emails here - I trust Arik to get back to you. On Thursday 24 July 2008 17:06:04 Imri Zvik wrote: > Again, you are putting it as if you are completely blocked and you cannot > send mails at all. Can you please tell me how many of your mails were > blocked due to this listing, and to how many unique destinations? > > Only one person (Arik) complained about actual problem, and when I asked > for information he disappeared. > > It seems you don't really want to solve anything, or suggest any feasible > solutions. > > I ask again - do you think blocking port 25 completely is a good idea? Can > you live with that? How many people in this list thinks it's a good idea? > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of Noam Rathaus Sent: Thursday, July 24, 2008 4:33 PM > To: linux-il > Subject: Re: Israeli ISP and Blacklisting [summary and stop] > > Hi, > > My last email on the subject :) > > As it appears that some people are pro-ISP, some are con-ISP, and I don't > care which is which > > All I wanted to see, whether this is a global issue, apparently it is, more > than one is willing to talk about it, I believe others simply don't know > they are blacklisted, others have yet to be affected by it, and others more > don't know they are affected. > > And me as the person wanting to send emails in a non-spam and legal way is > left with the only alternative to move out his servers from Israel - > specifically the mail server - as Israeli ISPs are RBLed - YES YES just one > RBL and he is a bad bad RBL - which asks too many things - but apparently > some ISPs agree to doing it. > > On Thursday 24 July 2008 15:58:42 you wrote: > > On Thu, Jul 24, 2008 at 10:11 PM, Noam Rathaus <[EMAIL PROTECTED]> > > wrote: > > > > I am taking my "stuff" elsewhere, the ISP's responsibility is to provide > > > > > service, and it should be good service - meaning stopping others from > > > abusing > > > the network, which in turn is used against me - as I am blocked in an > > > RBL. > > > > Let me suggest a radical idea. > > > > I think that it is a good thing that Israel will be blocked in as many > > RBLs as possible. > > > > And here's why. For the people on this list, it's a big deal but not > > critical. I put it to you that most companies will deal with it one way > > or another, by tunneling their ways somehow. I can think of 10 ways right > > now. > > > > The people who will suffer are the "regular users", those who use the ISP > > mailbox (gaaa!) and have zero technical knowhow. There are a lot of them, > > which means that they will make a lot of noise. > > > > The ISPs will then become a relatively unregulated industry that > > apparently doesn't work properly without regulation. It also has a status > > of a quasi-essential infrastructure. I sincerely hope that the regulator > > will step up to the plate and regulate the ISPs and what they need to do > > to spammers, in an effort to make the infrastructure usable again. Maybe > > our star will shine and we'll see some heavy-handed anti-spam law, > > especially if the ISPs respond to regulation by saying the burden is too > > high because spammers don't have an incentive to stop. > > > > So before you start flaming, consider this: Change only happen out of > > necessity. The stronger the necessity - the
Re: Israeli ISP and Blacklisting
On Thu, Jul 24, 2008 at 11:59 PM, Imri Zvik <[EMAIL PROTECTED]> wrote: > It means they have 208 IPs that sent at least *one* spam in the past 7 days > from a range that includes 131070 hosts! > The way they are calculating it, it means it could be that they only got > 208 spam emails in the last 7 days, and that was enough to block the whole A > class. I'm sorry, but this is not reasonable - It doesn't even leave room > for the ISP to cooperate and deal with the spammer. > > I need to understand - are you in favor of blocking port 25? How many > people in this list thinks it's a good idea? > > Although I don't think it's good to block port 25, I think that allowing port 25 only for customers who sign an agreement which says that: * They will pay 1500NIS for every message from their account - backed by a credit card with pre-authorization of the card * If a recipient has complained - showing the full headers - and the message was sent in bulk - and the sender cannot prove that the recipient actually asked for the message = by showing the double opt-in message logs complete with IP addresses Sometimes people forget that they signed up for a list. -- Arik
Re: Israeli ISP and Blacklisting
On Thu, Jul 24, 2008 at 11:22 PM, Imri Zvik <[EMAIL PROTECTED]> wrote: > I can only assume you are addressing me. > Due to the latest trend of libel suits, I cannot confirm nor deny. > You are just flaming now. You have no idea what we are doing to stop or > fight spam, and this public list is not the place to list those things. > > For the particular ISP I was talking about, I know that the same authenticated user has sent me messages after several complaints, so I know for a fact that the same user keeps spamming. I'm only answering you here because I don't want to create the state of "שתיקה כהודאה" (silence as admittance, lit trans) > > 2. If you have any repeating issues with spammers using our mail > system, I would be GLAD to know about it. Please provide me with full > headers. > > I appreciate your suggestion. I will obviously not contact you because that would mean that you are the ISP I was talking about. I will however make an attempt to create a compendium of the headers from the last 30 days of spam that I have and send it to the abuse address of the offending ISP. It will take me some time as analyzing 1000s of spam messages means that I need to write code to do it, but I will get to it eventually. -- Arik
Re: Israeli ISP and Blacklisting
Hi, This RBL, even if is a bit extremist, is something used by a few of our customers's commercial spam filtering product. So this affects not just me, but others, but I am getting the feeling here that the messenger is getting shot, and we are giving a lean hand to the ISPs, as it is too difficult to "protected themselves". But if you are happy with the level of service Israeli ISPs are giving, enjoy, I think for one, customers should demand better. This debate brings me back to the day when Code Red was bringing down servers, and people complained that ISPs wouldn't block offending computers, and the ISPs retaliated with freedom of speak and moving response - silly. Same here, the ISP should prevent SPAM I don't care how, but they should, I am working with T-Mobile both in Europe and in United States, and you (as an end customer) send out mail directly unless it goes through their SMTP servers - if you have a VPN do whatever you want. BTW The company takes money in order to discourge people from nagging them to get removed. On Thursday 24 July 2008 15:45:03 Imri Zvik wrote: > Noam, > Again, and I will try to type it slowly so you can understand - You are > talking about *ONE* RBL, which is notorious for blocking whole AS, and > refusing to work with it's abuse departments. You are clinging to this > RBL listing as if being listed at this particular RBL means that we (as > in Israel or the ISP) are now completely cut-off from the world, or that > if you are listed in this RBL it means your ISP is doing nothing to > fight abuse. > > It's either you misunderstand how extreme this RBL is, and how fast and > for how little they block a whole AS, or you are just trying to flame. > > > > -Original Message- > From: Noam Rathaus [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 24, 2008 3:09 PM > To: Imri Zvik > Cc: Omer Zak; linux-il > Subject: Re: Israeli ISP and Blacklisting > > Hi, > > You are right, it is easy to get RBLed, and semi-easy to get out of an > RBL, > but it doesn't help to email abuse@ or anything else, if your ISP is > marked > as bad. > > On Thursday 24 July 2008 14:31:48 Imri Zvik wrote: > > *Sigh* Don't you have anything better to do? I can report that Israeli > > ISPs get decent cooperation (well most of the times, and from most > > RBLs). No one is going to block Israel completely. > > > > If you have a specific email that was blocked, or a specific RBL (with > > reasonable demands) you want to be removed from, please email abuse@ > > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Omer Zak > > Sent: Thursday, July 24, 2008 1:38 PM > > To: linux-il > > Subject: Re: Israeli ISP and Blacklisting > > > > I have E-mailed my ISP about this. > > > > You may want to add to your E-mail to your ISP also your concerns that > > since ALL Israeli ISPs are blacklisted, the entire country is in > > danger > > > of being backlisted as a country. > > > > While the real reason for such an action would be political, the spam > > handling situation is too convenient excuse to pass up. > > > > On Thu, 2008-07-24 at 12:57 +0300, Noam Rathaus wrote: > > > Hi, > > > > > > Has anyone here tried to get the Bezeq Internation, Barak or > > Netvision > > > to get > > > > > them off the blacklisting found here: > > > http://www.uceprotect.net/en/rblcheck.php > > > > > > Apparently all the Israeli ISP are blacklisted here (any host you > > put > > > there in > > > > > their hosting range) - and all because they don't have a policy of > > > > cleaning > > > > > up their network from spammers. > > > > > > This means we are all losing emails we send because our ISPs are > > doing > > > a bad > > > > > job. -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli ISP and Blacklisting [summary and stop]
Hi, My last email on the subject :) As it appears that some people are pro-ISP, some are con-ISP, and I don't care which is which All I wanted to see, whether this is a global issue, apparently it is, more than one is willing to talk about it, I believe others simply don't know they are blacklisted, others have yet to be affected by it, and others more don't know they are affected. And me as the person wanting to send emails in a non-spam and legal way is left with the only alternative to move out his servers from Israel - specifically the mail server - as Israeli ISPs are RBLed - YES YES just one RBL and he is a bad bad RBL - which asks too many things - but apparently some ISPs agree to doing it. On Thursday 24 July 2008 15:58:42 you wrote: > On Thu, Jul 24, 2008 at 10:11 PM, Noam Rathaus <[EMAIL PROTECTED]> > wrote: > > I am taking my "stuff" elsewhere, the ISP's responsibility is to provide > > > service, and it should be good service - meaning stopping others from > > abusing > > the network, which in turn is used against me - as I am blocked in an > > RBL. > > Let me suggest a radical idea. > > I think that it is a good thing that Israel will be blocked in as many RBLs > as possible. > > And here's why. For the people on this list, it's a big deal but not > critical. I put it to you that most companies will deal with it one way or > another, by tunneling their ways somehow. I can think of 10 ways right now. > > The people who will suffer are the "regular users", those who use the ISP > mailbox (gaaa!) and have zero technical knowhow. There are a lot of them, > which means that they will make a lot of noise. > > The ISPs will then become a relatively unregulated industry that apparently > doesn't work properly without regulation. It also has a status of a > quasi-essential infrastructure. I sincerely hope that the regulator will > step up to the plate and regulate the ISPs and what they need to do to > spammers, in an effort to make the infrastructure usable again. Maybe our > star will shine and we'll see some heavy-handed anti-spam law, especially > if the ISPs respond to regulation by saying the burden is too high because > spammers don't have an incentive to stop. > > So before you start flaming, consider this: Change only happen out of > necessity. The stronger the necessity - the swifter the change. Lithium-ion > batteries did not come to be before laptops and cellphones became a > commodity. Hybrid cars didn't become a reality before gas prices went so > high that people actually started buying them. And conversly, think of > Israel's desalination plants - how they come to be whenever there's a year > or two of draft, and then fall apart at the first sign of a rainy year. > > And since one of the participants in this discussion at least seems to work > for an ISP, the same ISP from which I get most of my Hebrew spam, the same > ISP from which spam contains the header of the ISP's own relay, and passes > SPF checks, the same ISP which gets messages to the abuse alias from me > every month and never responds (robots excluded) - I view your behaviour as > aiding and abetting the spammers. I have proof that the addresses the > spammers use could never have been gotten from me (heck my domain was > dictionary-attacked by them), and I hope that you get blacklisted as much > as possible. I also hope that your users leave you for this very reason and > that you fail financially, so the spammers have to find a less hospitable > environ. I wish this ruin on you because you are acting, in my personal > opinion, in bad faith and in cohorts with the sort of people who I would > like to see their activity as felonious. I hope that once the regulation > comes you will continue with your bad behaviour as to become the first test > case of disobeying the regulation and that you shall lose and become the > precedent for any other such case. You know who you are. > > -- Arik -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli ISP and Blacklisting
Just my two cents, I checked a few IP addresses that are listed under the AS of zahav.net.il, as well as the mail server of zahav.net.il And it is very close to getting RBL blocked: 84.94.0.0/15 - ATTENTION Increased Listingrisk - Level 1 listed spammers within the last 7 days 208 -Escalation to Level 2 by Level 1 records 445 But ignore it, as this RBL (http://www.uceprotect.net/en/rblcheck.php) is nothing to worry about, as you mentioned - rarely used or trusted. On Thursday 24 July 2008 16:30:50 Imri Zvik wrote: > Shimi, > > > > I cannot speak on behalf of other ISPs, but if you have problems with the > one I'm working at, please share the information with me, and I promise you > I will get to the bottom of this. > > > > Bottom line, I can assure you that *WE* are doing *a lot* to deal with spam > from our mail system/network. Again, as evidence we have good scores at big > and widely used RBLs. > > I also know, from second hand, that the other ISPs are also putting a lot > of efforts in order to deal with this issue. > > This all discussion started from *one* RBL which is notorious for its harsh > treatment. No one provided any specific problem, and everybody jumped into > the conclusion that if this RBL is blocking you, it means you are not doing > anything to deal with spam. This conclusion is just wrong. > > > > > > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of shimi > Sent: Thursday, July 24, 2008 4:16 PM > To: Imri Zvik > Cc: Noam Rathaus; linux-il > Subject: Re: Israeli ISP and Blacklisting > > > > Imri, > > On Thu, Jul 24, 2008 at 3:57 PM, Imri Zvik <[EMAIL PROTECTED]> wrote: > > How do you know abuse@ doesn't "really take care of users"? It seems like > your whole response is generalizing and vague. > > > I know because if after two weeks from their reply that they will "handle > it" I see the same user doing the same thing again from the same ISP, > then... > > What does an AUP worth if it is not enforced? > > The whole Israeli spam market is dominated by a VERY little amount of > people, and there is a reason that they're still spamming. Given that there > are like 3 ISPs in the country nowdays, they're not doing so because they > jump from an ISP to ISP after each one is denying them service, rather then > because they're paying customers, and denying them service means less > income. > > > > I don't see how the old QoS argument as anything to do with dealing with > abuse. I must remind you that downloading copyrighted materiel is > officially abuse too. > > > It does for a very simple reason; ISPs care only about cashflow. Removing > bad users from the possibility to get service leads for less profits. > Paying more for bandwidth leads for less profits. > > Re. your comment about copyrighted material, I have three things to say: > > 1.I don't really understand how is that abuse; You're not attacking any > system, and you're distrubing no-one (besides RIAA, BSA and others - but > that's not abuse). 2. The ISPs want to play the police and court? Fine, I > guess it's their right (and being a FOSS user, I couldn't care less...) - > if the law permits them to observe traffic and sabotage it - I have no > problem with that (what about BitTorrent to download the latest Linux > release?) 3. They DENY the fact that they're doing it! They claim that > "there are no means to do that!". If you don't believe me, read official > commentary from various spokesmen in Ynet articles regarding slow P2P in > various ISPs. > > Finally, I was not even talking about P2P - that was YOUR assumption. > They're [at least some of them] QoSing NON-HTTP traffic. Like CVS checkout > from an Open Source project, or my connection to an IRC network (how else > can you explain a 180ms ICMP but a 1 second IRC "ping" command roundtrip?). > How is that an abuse or illegal? > > But that's really OT, so let's stop here. I was just giving another example > for "we deserve this for not standing for our customer rights". > > -- Shimi -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli ISP and Blacklisting [summary and stop]
Hi, I am not completely blocked, but I don't want to be partially blocked either. At least two emails bounced (to two unique destinations) saying we were blacklisted, I cannot tell you how many were blocked and didn't bounce - it will take me days, if ever to know. I will solve your security problems, can't help you with your spam problems - not my expertise. Arik didn't disappear, maybe he has work to do beside answering emails here - I trust Arik to get back to you. On Thursday 24 July 2008 17:06:04 Imri Zvik wrote: > Again, you are putting it as if you are completely blocked and you cannot > send mails at all. Can you please tell me how many of your mails were > blocked due to this listing, and to how many unique destinations? > > Only one person (Arik) complained about actual problem, and when I asked > for information he disappeared. > > It seems you don't really want to solve anything, or suggest any feasible > solutions. > > I ask again - do you think blocking port 25 completely is a good idea? Can > you live with that? How many people in this list thinks it's a good idea? > > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of Noam Rathaus Sent: Thursday, July 24, 2008 4:33 PM > To: linux-il > Subject: Re: Israeli ISP and Blacklisting [summary and stop] > > Hi, > > My last email on the subject :) > > As it appears that some people are pro-ISP, some are con-ISP, and I don't > care which is which > > All I wanted to see, whether this is a global issue, apparently it is, more > than one is willing to talk about it, I believe others simply don't know > they are blacklisted, others have yet to be affected by it, and others more > don't know they are affected. > > And me as the person wanting to send emails in a non-spam and legal way is > left with the only alternative to move out his servers from Israel - > specifically the mail server - as Israeli ISPs are RBLed - YES YES just one > RBL and he is a bad bad RBL - which asks too many things - but apparently > some ISPs agree to doing it. > > On Thursday 24 July 2008 15:58:42 you wrote: > > On Thu, Jul 24, 2008 at 10:11 PM, Noam Rathaus <[EMAIL PROTECTED]> > > wrote: > > > > I am taking my "stuff" elsewhere, the ISP's responsibility is to provide > > > > > service, and it should be good service - meaning stopping others from > > > abusing > > > the network, which in turn is used against me - as I am blocked in an > > > RBL. > > > > Let me suggest a radical idea. > > > > I think that it is a good thing that Israel will be blocked in as many > > RBLs as possible. > > > > And here's why. For the people on this list, it's a big deal but not > > critical. I put it to you that most companies will deal with it one way > > or another, by tunneling their ways somehow. I can think of 10 ways right > > now. > > > > The people who will suffer are the "regular users", those who use the ISP > > mailbox (gaaa!) and have zero technical knowhow. There are a lot of them, > > which means that they will make a lot of noise. > > > > The ISPs will then become a relatively unregulated industry that > > apparently doesn't work properly without regulation. It also has a status > > of a quasi-essential infrastructure. I sincerely hope that the regulator > > will step up to the plate and regulate the ISPs and what they need to do > > to spammers, in an effort to make the infrastructure usable again. Maybe > > our star will shine and we'll see some heavy-handed anti-spam law, > > especially if the ISPs respond to regulation by saying the burden is too > > high because spammers don't have an incentive to stop. > > > > So before you start flaming, consider this: Change only happen out of > > necessity. The stronger the necessity - the swifter the change. > > Lithium-ion batteries did not come to be before laptops and cellphones > > became a commodity. Hybrid cars didn't become a reality before gas prices > > went so high that people actually started buying them. And conversly, > > think of Israel's desalination plants - how they come to be whenever > > there's a year or two of draft, and then fall apart at the first sign of > > a rainy year. > > > > And since one of the participants in this discussion at least seems to > > work for an ISP, the same ISP from which I get most of my Hebrew spam, > > the same ISP from which spam contains the header of the ISP's own relay, > > and passes SPF checks, the same ISP which gets messages to the abuse > > alias from me every month and never responds (robots excluded) - I view > > your behaviour as aiding and abetting the spammers. I have proof that the > > addresses the spammers use could never have been gotten from me (heck my > > domain was dictionary-attacked by them), and I hope that you get > > blacklisted as much as possible. I also hope that your users leave you > > for this very reason and that you fail financially, so the spammers have > > to find a less hospitable environ. I wish thi
Re: Israeli ISP and Blacklisting
Imri, On Thu, Jul 24, 2008 at 3:57 PM, Imri Zvik <[EMAIL PROTECTED]> wrote: > How do you know abuse@ doesn't "really take care of users"? It seems like > your whole response is generalizing and vague. > I know because if after two weeks from their reply that they will "handle it" I see the same user doing the same thing again from the same ISP, then... What does an AUP worth if it is not enforced? The whole Israeli spam market is dominated by a VERY little amount of people, and there is a reason that they're still spamming. Given that there are like 3 ISPs in the country nowdays, they're not doing so because they jump from an ISP to ISP after each one is denying them service, rather then because they're paying customers, and denying them service means less income. > > I don't see how the old QoS argument as anything to do with dealing with > abuse. I must remind you that downloading copyrighted materiel is officially > abuse too. > > It does for a very simple reason; ISPs care only about cashflow. Removing bad users from the possibility to get service leads for less profits. Paying more for bandwidth leads for less profits. Re. your comment about copyrighted material, I have three things to say: 1. I don't really understand how is that abuse; You're not attacking any system, and you're distrubing no-one (besides RIAA, BSA and others - but that's not abuse). 2. The ISPs want to play the police and court? Fine, I guess it's their right (and being a FOSS user, I couldn't care less...) - if the law permits them to observe traffic and sabotage it - I have no problem with that (what about BitTorrent to download the latest Linux release?) 3. They DENY the fact that they're doing it! They claim that "there are no means to do that!". If you don't believe me, read official commentary from various spokesmen in Ynet articles regarding slow P2P in various ISPs. Finally, I was not even talking about P2P - that was YOUR assumption. They're [at least some of them] QoSing NON-HTTP traffic. Like CVS checkout from an Open Source project, or my connection to an IRC network (how else can you explain a 180ms ICMP but a 1 second IRC "ping" command roundtrip?). How is that an abuse or illegal? But that's really OT, so let's stop here. I was just giving another example for "we deserve this for not standing for our customer rights". -- Shimi
RE: Israeli ISP and Blacklisting [summary and stop]
Again, you are putting it as if you are completely blocked and you cannot send mails at all. Can you please tell me how many of your mails were blocked due to this listing, and to how many unique destinations? Only one person (Arik) complained about actual problem, and when I asked for information he disappeared. It seems you don't really want to solve anything, or suggest any feasible solutions. I ask again - do you think blocking port 25 completely is a good idea? Can you live with that? How many people in this list thinks it's a good idea? -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noam Rathaus Sent: Thursday, July 24, 2008 4:33 PM To: linux-il Subject: Re: Israeli ISP and Blacklisting [summary and stop] Hi, My last email on the subject :) As it appears that some people are pro-ISP, some are con-ISP, and I don't care which is which All I wanted to see, whether this is a global issue, apparently it is, more than one is willing to talk about it, I believe others simply don't know they are blacklisted, others have yet to be affected by it, and others more don't know they are affected. And me as the person wanting to send emails in a non-spam and legal way is left with the only alternative to move out his servers from Israel - specifically the mail server - as Israeli ISPs are RBLed - YES YES just one RBL and he is a bad bad RBL - which asks too many things - but apparently some ISPs agree to doing it. On Thursday 24 July 2008 15:58:42 you wrote: > On Thu, Jul 24, 2008 at 10:11 PM, Noam Rathaus <[EMAIL PROTECTED]> > wrote: > > I am taking my "stuff" elsewhere, the ISP's responsibility is to provide > > > service, and it should be good service - meaning stopping others from > > abusing > > the network, which in turn is used against me - as I am blocked in an > > RBL. > > Let me suggest a radical idea. > > I think that it is a good thing that Israel will be blocked in as many RBLs > as possible. > > And here's why. For the people on this list, it's a big deal but not > critical. I put it to you that most companies will deal with it one way or > another, by tunneling their ways somehow. I can think of 10 ways right now. > > The people who will suffer are the "regular users", those who use the ISP > mailbox (gaaa!) and have zero technical knowhow. There are a lot of them, > which means that they will make a lot of noise. > > The ISPs will then become a relatively unregulated industry that apparently > doesn't work properly without regulation. It also has a status of a > quasi-essential infrastructure. I sincerely hope that the regulator will > step up to the plate and regulate the ISPs and what they need to do to > spammers, in an effort to make the infrastructure usable again. Maybe our > star will shine and we'll see some heavy-handed anti-spam law, especially > if the ISPs respond to regulation by saying the burden is too high because > spammers don't have an incentive to stop. > > So before you start flaming, consider this: Change only happen out of > necessity. The stronger the necessity - the swifter the change. Lithium-ion > batteries did not come to be before laptops and cellphones became a > commodity. Hybrid cars didn't become a reality before gas prices went so > high that people actually started buying them. And conversly, think of > Israel's desalination plants - how they come to be whenever there's a year > or two of draft, and then fall apart at the first sign of a rainy year. > > And since one of the participants in this discussion at least seems to work > for an ISP, the same ISP from which I get most of my Hebrew spam, the same > ISP from which spam contains the header of the ISP's own relay, and passes > SPF checks, the same ISP which gets messages to the abuse alias from me > every month and never responds (robots excluded) - I view your behaviour as > aiding and abetting the spammers. I have proof that the addresses the > spammers use could never have been gotten from me (heck my domain was > dictionary-attacked by them), and I hope that you get blacklisted as much > as possible. I also hope that your users leave you for this very reason and > that you fail financially, so the spammers have to find a less hospitable > environ. I wish this ruin on you because you are acting, in my personal > opinion, in bad faith and in cohorts with the sort of people who I would > like to see their activity as felonious. I hope that once the regulation > comes you will continue with your bad behaviour as to become the first test > case of disobeying the regulation and that you shall lose and become the > precedent for any other such case. You know who you are. > > -- Arik -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 = To unsubscribe, send mail to [EM
Re: Israeli ISP and Blacklisting
Imri, Ok - don't block anything. Continue as usual I understand that this war was lost when I renewed my contract for server hosting in Israel. I should have seen this and moved them to somewhere better. If that doesn't bring to light the issue - causes to to understand that this needs to be resolved, I guess I didn't do my job correctly. On Thursday 24 July 2008 16:37:50 Imri Zvik wrote: > Noam, > > You do realize that what you mean is that the ISP will block port 25 all > together - meaning, that all of you people running your own mail server > at home will be forced to use your ISP as a smarthost (either with > manual configuration, or using traffic redirection at the ISP routers). > > I'm sure you already forgot, but when the ISPs blocked the netbios ports > few years ago in order to stop worms outbreaks, a lot of people > complained that the ISPs shouldn't block ports at all. > > > > -Original Message- > From: Noam Rathaus [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 24, 2008 4:24 PM > To: Imri Zvik > Cc: Omer Zak; linux-il > Subject: Re: Israeli ISP and Blacklisting > > Hi, > > This RBL, even if is a bit extremist, is something used by a few of our > customers's commercial spam filtering product. > > So this affects not just me, but others, but I am getting the feeling > here > that the messenger is getting shot, and we are giving a lean hand to the > > ISPs, as it is too difficult to "protected themselves". > > But if you are happy with the level of service Israeli ISPs are giving, > enjoy, > I think for one, customers should demand better. > > This debate brings me back to the day when Code Red was bringing down > servers, > and people complained that ISPs wouldn't block offending computers, and > the > ISPs retaliated with freedom of speak and moving response - silly. Same > here, > the ISP should prevent SPAM I don't care how, but they should, I am > working > with T-Mobile both in Europe and in United States, and you (as an end > customer) send out mail directly unless it goes through their SMTP > servers - > if you have a VPN do whatever you want. > > BTW The company takes money in order to discourge people from nagging > them to > get removed. > > On Thursday 24 July 2008 15:45:03 Imri Zvik wrote: > > Noam, > > Again, and I will try to type it slowly so you can understand - You > > are > > > talking about *ONE* RBL, which is notorious for blocking whole AS, and > > refusing to work with it's abuse departments. You are clinging to this > > RBL listing as if being listed at this particular RBL means that we > > (as > > > in Israel or the ISP) are now completely cut-off from the world, or > > that > > > if you are listed in this RBL it means your ISP is doing nothing to > > fight abuse. > > > > It's either you misunderstand how extreme this RBL is, and how fast > > and > > > for how little they block a whole AS, or you are just trying to flame. > > > > > > > > -Original Message- > > From: Noam Rathaus [mailto:[EMAIL PROTECTED] > > Sent: Thursday, July 24, 2008 3:09 PM > > To: Imri Zvik > > Cc: Omer Zak; linux-il > > Subject: Re: Israeli ISP and Blacklisting > > > > Hi, > > > > You are right, it is easy to get RBLed, and semi-easy to get out of an > > RBL, > > but it doesn't help to email abuse@ or anything else, if your ISP is > > marked > > as bad. > > > > On Thursday 24 July 2008 14:31:48 Imri Zvik wrote: > > > *Sigh* Don't you have anything better to do? I can report that > > Israeli > > > > ISPs get decent cooperation (well most of the times, and from most > > > RBLs). No one is going to block Israel completely. > > > > > > If you have a specific email that was blocked, or a specific RBL > > (with > > > > reasonable demands) you want to be removed from, please email abuse@ > > > > > > -Original Message- > > > From: [EMAIL PROTECTED] > > > [mailto:[EMAIL PROTECTED] On Behalf Of Omer Zak > > > Sent: Thursday, July 24, 2008 1:38 PM > > > To: linux-il > > > Subject: Re: Israeli ISP and Blacklisting > > > > > > I have E-mailed my ISP about this. > > > > > > You may want to add to your E-mail to your ISP also your concerns > > that > > > > since ALL Israeli ISPs are blacklisted, the entire country is in > > > > danger > > > > > of being backlisted as a country. > > > > > > While the real reason for such an action would be political, the > > spam > > > > handling situation is too convenient excuse to pass up. > > > > > > On Thu, 2008-07-24 at 12:57 +0300, Noam Rathaus wrote: > > > > Hi, > > > > > > > > Has anyone here tried to get the Bezeq Internation, Barak or > > > > Netvision > > > > > to get > > > > > > > them off the blacklisting found here: > > > > http://www.uceprotect.net/en/rblcheck.php > > > > > > > > Apparently all the Israeli ISP are blacklisted here (any host you > > > > put > > > > > there in > > > > > > > their hosting range) - and all because they don't have a policy of > > > > > > cleaning > > > > > > > up their network from spammers. > > > > > >
RE: Israeli ISP and Blacklisting
Noam, You do realize that what you mean is that the ISP will block port 25 all together - meaning, that all of you people running your own mail server at home will be forced to use your ISP as a smarthost (either with manual configuration, or using traffic redirection at the ISP routers). I'm sure you already forgot, but when the ISPs blocked the netbios ports few years ago in order to stop worms outbreaks, a lot of people complained that the ISPs shouldn't block ports at all. -Original Message- From: Noam Rathaus [mailto:[EMAIL PROTECTED] Sent: Thursday, July 24, 2008 4:24 PM To: Imri Zvik Cc: Omer Zak; linux-il Subject: Re: Israeli ISP and Blacklisting Hi, This RBL, even if is a bit extremist, is something used by a few of our customers's commercial spam filtering product. So this affects not just me, but others, but I am getting the feeling here that the messenger is getting shot, and we are giving a lean hand to the ISPs, as it is too difficult to "protected themselves". But if you are happy with the level of service Israeli ISPs are giving, enjoy, I think for one, customers should demand better. This debate brings me back to the day when Code Red was bringing down servers, and people complained that ISPs wouldn't block offending computers, and the ISPs retaliated with freedom of speak and moving response - silly. Same here, the ISP should prevent SPAM I don't care how, but they should, I am working with T-Mobile both in Europe and in United States, and you (as an end customer) send out mail directly unless it goes through their SMTP servers - if you have a VPN do whatever you want. BTW The company takes money in order to discourge people from nagging them to get removed. On Thursday 24 July 2008 15:45:03 Imri Zvik wrote: > Noam, > Again, and I will try to type it slowly so you can understand - You are > talking about *ONE* RBL, which is notorious for blocking whole AS, and > refusing to work with it's abuse departments. You are clinging to this > RBL listing as if being listed at this particular RBL means that we (as > in Israel or the ISP) are now completely cut-off from the world, or that > if you are listed in this RBL it means your ISP is doing nothing to > fight abuse. > > It's either you misunderstand how extreme this RBL is, and how fast and > for how little they block a whole AS, or you are just trying to flame. > > > > -Original Message- > From: Noam Rathaus [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 24, 2008 3:09 PM > To: Imri Zvik > Cc: Omer Zak; linux-il > Subject: Re: Israeli ISP and Blacklisting > > Hi, > > You are right, it is easy to get RBLed, and semi-easy to get out of an > RBL, > but it doesn't help to email abuse@ or anything else, if your ISP is > marked > as bad. > > On Thursday 24 July 2008 14:31:48 Imri Zvik wrote: > > *Sigh* Don't you have anything better to do? I can report that Israeli > > ISPs get decent cooperation (well most of the times, and from most > > RBLs). No one is going to block Israel completely. > > > > If you have a specific email that was blocked, or a specific RBL (with > > reasonable demands) you want to be removed from, please email abuse@ > > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Omer Zak > > Sent: Thursday, July 24, 2008 1:38 PM > > To: linux-il > > Subject: Re: Israeli ISP and Blacklisting > > > > I have E-mailed my ISP about this. > > > > You may want to add to your E-mail to your ISP also your concerns that > > since ALL Israeli ISPs are blacklisted, the entire country is in > > danger > > > of being backlisted as a country. > > > > While the real reason for such an action would be political, the spam > > handling situation is too convenient excuse to pass up. > > > > On Thu, 2008-07-24 at 12:57 +0300, Noam Rathaus wrote: > > > Hi, > > > > > > Has anyone here tried to get the Bezeq Internation, Barak or > > Netvision > > > to get > > > > > them off the blacklisting found here: > > > http://www.uceprotect.net/en/rblcheck.php > > > > > > Apparently all the Israeli ISP are blacklisted here (any host you > > put > > > there in > > > > > their hosting range) - and all because they don't have a policy of > > > > cleaning > > > > > up their network from spammers. > > > > > > This means we are all losing emails we send because our ISPs are > > doing > > > a bad > > > > > job. -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli ISP and Blacklisting
On Thu, Jul 24, 2008 at 10:11 PM, Noam Rathaus <[EMAIL PROTECTED]> wrote: I am taking my "stuff" elsewhere, the ISP's responsibility is to provide > service, and it should be good service - meaning stopping others from > abusing > the network, which in turn is used against me - as I am blocked in an RBL. > Let me suggest a radical idea. I think that it is a good thing that Israel will be blocked in as many RBLs as possible. And here's why. For the people on this list, it's a big deal but not critical. I put it to you that most companies will deal with it one way or another, by tunneling their ways somehow. I can think of 10 ways right now. The people who will suffer are the "regular users", those who use the ISP mailbox (gaaa!) and have zero technical knowhow. There are a lot of them, which means that they will make a lot of noise. The ISPs will then become a relatively unregulated industry that apparently doesn't work properly without regulation. It also has a status of a quasi-essential infrastructure. I sincerely hope that the regulator will step up to the plate and regulate the ISPs and what they need to do to spammers, in an effort to make the infrastructure usable again. Maybe our star will shine and we'll see some heavy-handed anti-spam law, especially if the ISPs respond to regulation by saying the burden is too high because spammers don't have an incentive to stop. So before you start flaming, consider this: Change only happen out of necessity. The stronger the necessity - the swifter the change. Lithium-ion batteries did not come to be before laptops and cellphones became a commodity. Hybrid cars didn't become a reality before gas prices went so high that people actually started buying them. And conversly, think of Israel's desalination plants - how they come to be whenever there's a year or two of draft, and then fall apart at the first sign of a rainy year. And since one of the participants in this discussion at least seems to work for an ISP, the same ISP from which I get most of my Hebrew spam, the same ISP from which spam contains the header of the ISP's own relay, and passes SPF checks, the same ISP which gets messages to the abuse alias from me every month and never responds (robots excluded) - I view your behaviour as aiding and abetting the spammers. I have proof that the addresses the spammers use could never have been gotten from me (heck my domain was dictionary-attacked by them), and I hope that you get blacklisted as much as possible. I also hope that your users leave you for this very reason and that you fail financially, so the spammers have to find a less hospitable environ. I wish this ruin on you because you are acting, in my personal opinion, in bad faith and in cohorts with the sort of people who I would like to see their activity as felonious. I hope that once the regulation comes you will continue with your bad behaviour as to become the first test case of disobeying the regulation and that you shall lose and become the precedent for any other such case. You know who you are. -- Arik
RE: Israeli ISP and Blacklisting
Noam, Again, and I will try to type it slowly so you can understand - You are talking about *ONE* RBL, which is notorious for blocking whole AS, and refusing to work with it's abuse departments. You are clinging to this RBL listing as if being listed at this particular RBL means that we (as in Israel or the ISP) are now completely cut-off from the world, or that if you are listed in this RBL it means your ISP is doing nothing to fight abuse. It's either you misunderstand how extreme this RBL is, and how fast and for how little they block a whole AS, or you are just trying to flame. -Original Message- From: Noam Rathaus [mailto:[EMAIL PROTECTED] Sent: Thursday, July 24, 2008 3:09 PM To: Imri Zvik Cc: Omer Zak; linux-il Subject: Re: Israeli ISP and Blacklisting Hi, You are right, it is easy to get RBLed, and semi-easy to get out of an RBL, but it doesn't help to email abuse@ or anything else, if your ISP is marked as bad. On Thursday 24 July 2008 14:31:48 Imri Zvik wrote: > *Sigh* Don't you have anything better to do? I can report that Israeli > ISPs get decent cooperation (well most of the times, and from most > RBLs). No one is going to block Israel completely. > > If you have a specific email that was blocked, or a specific RBL (with > reasonable demands) you want to be removed from, please email abuse@ > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Omer Zak > Sent: Thursday, July 24, 2008 1:38 PM > To: linux-il > Subject: Re: Israeli ISP and Blacklisting > > I have E-mailed my ISP about this. > > You may want to add to your E-mail to your ISP also your concerns that > since ALL Israeli ISPs are blacklisted, the entire country is in danger > of being backlisted as a country. > > While the real reason for such an action would be political, the spam > handling situation is too convenient excuse to pass up. > > On Thu, 2008-07-24 at 12:57 +0300, Noam Rathaus wrote: > > Hi, > > > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision > > to get > > > them off the blacklisting found here: > > http://www.uceprotect.net/en/rblcheck.php > > > > Apparently all the Israeli ISP are blacklisted here (any host you put > > there in > > > their hosting range) - and all because they don't have a policy of > > cleaning > > > up their network from spammers. > > > > This means we are all losing emails we send because our ISPs are doing > > a bad > > > job. -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
RE: Israeli ISP and Blacklisting
You misread it. If a dynamic and non-dynamic IP sits under the same AS number, they will both get blacklisted, no matter if the dynamic IP was "clearly marked" as dynamic and the static "clearly marked" as one. They want the ISP to block port 25 all together from "dynamic IPs". -Original Message- From: Noam Rathaus [mailto:[EMAIL PROTECTED] Sent: Thursday, July 24, 2008 3:09 PM To: Imri Zvik Cc: shimi; linux-il Subject: Re: Israeli ISP and Blacklisting Hi, Exactly you prove my point, you proved that none of the Israeli ISPs are doing anything to: 1) Clearly mark what is an DSL, modem, etc connection so they will all be listed as spammer by default 2) Clearly mark what are 'static'/'hosted' IP address so they will not fall under category 1 3) Clearly do a good job of reverse-PTR records - I had to fight with barak to get it for our server - they claimed it costs money to do, I said this is minimal service - in the end they gave it to me for free - wow 4) ISP should do the minimal effort of not allowing, proxy, open relay, vulnerable servers, infected computers from being in their HOSTED farm, not talking about dialup or DSL, or any other small business/home users. On Thursday 24 July 2008 14:52:39 Imri Zvik wrote: > You are *SO* wrong. > > It takes the following to get your whole AS blocked: > > "UCEPROTECT-Level 3 lists all IP's within an ASN if more than 100 IP's, but > also a minimum of 0.2% of all IP's allocated to this ASN got Level 1 listed > within the last 7 days." > > Now, to get listed in their Level 1 DB you need the following: > > " Level 1 exclusively lists IP addresses with either wrong or missing or > generic reverse DNS (PTR record), or “dialup” connections [typically > suggesting a home/other user with a dynamic connection], or computers with > exploited / exploitable security holes (e.g. open proxies, open relays, > vulnerable webservers, virus infected etc) or which are assigned to > well-known spammers. > > When one of these conditions / criteria is met, and it only takes one > spamtrap to be hit from such a system, the IP address will be automatically > listed at UCEPROTECT BLacklist Level 1. " > > Please notice the last sentence. > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of Noam Rathaus Sent: Thursday, July 24, 2008 2:32 PM > To: shimi > Cc: linux-il > Subject: Re: Israeli ISP and Blacklisting > > Hi, > > I haven't dropped water into a boiling pan for nothing if you go here: > http://www.uceprotect.net/en/rblcheck.php > > You will see that the IP (a hosted server): > 192.117.232.213 > > Is all ok, beside the last one, which is due to the fact that Bezeq Int is > blacklisted, at first I thought it was just them, but I checked three other > IP addresses we have, and the other ISPs are blacklisted as well > > As: > 3845 of 1107456 (0.347 %) addresses they have are marked as spammers - not > spam senders, but routinely sending spam, and ISP not blocking them after > an abuse email is issued. > > On Thursday 24 July 2008 14:09:42 shimi wrote: > > On Thu, Jul 24, 2008 at 12:57 PM, Noam Rathaus <[EMAIL PROTECTED]> > > > > wrote: > > > Hi, > > > > > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision > > > to get > > > them off the blacklisting found here: > > > http://www.uceprotect.net/en/rblcheck.php > > > > > > Apparently all the Israeli ISP are blacklisted here (any host you put > > > there in > > > their hosting range) - and all because they don't have a policy of > > > cleaning up their network from spammers. > > > > > > This means we are all losing emails we send because our ISPs are doing > > > a bad > > > job. > > > > Hi Noam, > > > > Did you check the Israeli ISPs outgoing SMTP servers addresses and saw > > that they're blacklisted? > > > > Or did you just use users dial-up/DSL/cable IP ranges in your test, which > > SHOULD be blacklisted (why would a home user need to emit SMTP traffic on > > his own instead of his ISP SMTP servers, where proper authentication and > > thus logging and auditing can be taken care of? > > > > Most RBLs will list all non-ISP-managed block ranges for the above > > reasons, regardless of their location on the globe... > > > > -- Shimi -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007
Re: Israeli ISP and Blacklisting
On Thu, Jul 24, 2008 at 2:31 PM, Noam Rathaus <[EMAIL PROTECTED]> wrote: > Hi, > > I haven't dropped water into a boiling pan for nothing if you go here: > http://www.uceprotect.net/en/rblcheck.php > > You will see that the IP (a hosted server): > 192.117.232.213 > > Is all ok, beside the last one, which is due to the fact that Bezeq Int is > blacklisted, at first I thought it was just them, but I checked three other > IP addresses we have, and the other ISPs are blacklisted as well > > As: > 3845 of 1107456 (0.347 %) addresses they have are marked as spammers - not > spam senders, but routinely sending spam, and ISP not blocking them after > an > abuse email is issued. > Hi again Noam, I do agree with you that it's bad that abuse departments don't really take care of users (why would they? they earn their money, and closing abusive users hurts the cashflow...) - I know - because I, myself, contacted them many times, complete with logs and proof for misconducts of their users (including cracking attempts to servers, and I am NOT talking about portscanning), and nothing really happened... I didn't know we got to the place where our complete AS is blocked (you didn't specify this detail in the first message), so I assumed it's the usual cause :) Anyways, we, the IL users, probably deserve it, the same way we deserve our ISPs cutting down their bandwidth and causing our non-HTTP traffic to crawl by QoSing what's left... and why do we deserve it? Because we didn't cause the first ISP that did it to bankrupt by eliminating all their users (i.e. boycotting). It's the "everything is gonna be OK" approach. The second thing I would like to say is... people who do serious antispam business will not block e-mail by those RBLs - they mostly create loss for the businesses who use them... this is really not the way to solve the problem. The problem is... that no way is [1]. -- Shimi [1] http://oldwww.temp.ahbl.org/funny/response1.php
Re: Israeli ISP and Blacklisting
Hi, I never said they marked the whole country, maybe you should read the email better. I asked why doesn't the ISP mark the AS of the dialup, and DSL, etc as a separate entity - like hosting/teleco companies do in the US, and Europe. If the answer (yours or theirs) is because we are: 1) Too small 2) Care too little 3) RBL is wrong I am taking my "stuff" elsewhere, the ISP's responsibility is to provide service, and it should be good service - meaning stopping others from abusing the network, which in turn is used against me - as I am blocked in an RBL. On Thursday 24 July 2008 14:46:10 Imri Zvik wrote: > Noam, > They are blocking the *WHOLE* AS, not IP ranges. They blocked the whole > AS number I'm using because 0.596 % of the ips in that AS sent "spam". > Do you think that is that reasonable. > I've just googled for that RBL, and found out a lot of ranting > (including a recent thread in NANOG). Apparently, they are demanding > money if you want your AS to be removed... > > Anyway, one RBL doesn't equal to "The whole country is blocked!". If you > have any specific problem, why don't you try your [EMAIL PROTECTED] > > > > -Original Message- > From: Noam Rathaus [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 24, 2008 2:35 PM > To: Imri Zvik > Cc: linux-il > Subject: Re: Israeli ISP and Blacklisting > > Sorry but I don't understand why you guys think I checked dynamic > ranges? > > I checked hosting ranges, and these SHOULD BE CLEAN, no one in the > hosting > farm should be sending out SPAM, it is against the policy of the hosting > > company, it is clearly written in the agreement you sign when you come > in > into their farm. > > Same thing for illegal content, piracy, etc. > > On Thursday 24 July 2008 14:24:02 Imri Zvik wrote: > > I'm sorry, but checking hosting/dynamic ranges is just misleading. It > > is > > > impossible to clean these ranges, and even though the ISPs try. > > > > I don't know this specific RBL, but I don't think it's a widely used > > one > > > - Anyway, they "punish" whole AS numbers which seems quite harsh. > > If you would _actually_ read what they are suggesting, you would have > > seen that it is impossible to implement in Israel (Can you imagine > > what > > > will happen if the ISP's will just block port 25 and *force* you to > > use > > > their own mail servers? I can just see the angry postbacks in ynet..). > > > > What you should be checking is the ranges that the ISP mail system > > uses; > > > If you will take Smile 012 for example, and check it's reputation in > > senderbase.org, you will see that most of the servers are listed as > > "GOOD", and some as "Neutral": > > http://www.senderbase.org/senderbase_queries/detailip?search_string=84.9 > > > 5.2.0%2F24 > > > > > > -Original Message- > > From: [EMAIL PROTECTED] > > [mailto:[EMAIL PROTECTED] On Behalf Of Noam Rathaus > > Sent: Thursday, July 24, 2008 12:58 PM > > To: linux-il > > Subject: Israeli ISP and Blacklisting > > > > Hi, > > > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision > > to get > > them off the blacklisting found here: > > http://www.uceprotect.net/en/rblcheck.php > > > > Apparently all the Israeli ISP are blacklisted here (any host you put > > there in > > their hosting range) - and all because they don't have a policy of > > cleaning > > up their network from spammers. > > > > This means we are all losing emails we send because our ISPs are doing > > a > > > bad > > job. -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli ISP and Blacklisting
Hi, You are right, it is easy to get RBLed, and semi-easy to get out of an RBL, but it doesn't help to email abuse@ or anything else, if your ISP is marked as bad. On Thursday 24 July 2008 14:31:48 Imri Zvik wrote: > *Sigh* Don't you have anything better to do? I can report that Israeli > ISPs get decent cooperation (well most of the times, and from most > RBLs). No one is going to block Israel completely. > > If you have a specific email that was blocked, or a specific RBL (with > reasonable demands) you want to be removed from, please email abuse@ > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Omer Zak > Sent: Thursday, July 24, 2008 1:38 PM > To: linux-il > Subject: Re: Israeli ISP and Blacklisting > > I have E-mailed my ISP about this. > > You may want to add to your E-mail to your ISP also your concerns that > since ALL Israeli ISPs are blacklisted, the entire country is in danger > of being backlisted as a country. > > While the real reason for such an action would be political, the spam > handling situation is too convenient excuse to pass up. > > On Thu, 2008-07-24 at 12:57 +0300, Noam Rathaus wrote: > > Hi, > > > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision > > to get > > > them off the blacklisting found here: > > http://www.uceprotect.net/en/rblcheck.php > > > > Apparently all the Israeli ISP are blacklisted here (any host you put > > there in > > > their hosting range) - and all because they don't have a policy of > > cleaning > > > up their network from spammers. > > > > This means we are all losing emails we send because our ISPs are doing > > a bad > > > job. -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli ISP and Blacklisting
Hi, Exactly you prove my point, you proved that none of the Israeli ISPs are doing anything to: 1) Clearly mark what is an DSL, modem, etc connection so they will all be listed as spammer by default 2) Clearly mark what are 'static'/'hosted' IP address so they will not fall under category 1 3) Clearly do a good job of reverse-PTR records - I had to fight with barak to get it for our server - they claimed it costs money to do, I said this is minimal service - in the end they gave it to me for free - wow 4) ISP should do the minimal effort of not allowing, proxy, open relay, vulnerable servers, infected computers from being in their HOSTED farm, not talking about dialup or DSL, or any other small business/home users. On Thursday 24 July 2008 14:52:39 Imri Zvik wrote: > You are *SO* wrong. > > It takes the following to get your whole AS blocked: > > "UCEPROTECT-Level 3 lists all IP's within an ASN if more than 100 IP's, but > also a minimum of 0.2% of all IP's allocated to this ASN got Level 1 listed > within the last 7 days." > > Now, to get listed in their Level 1 DB you need the following: > > " Level 1 exclusively lists IP addresses with either wrong or missing or > generic reverse DNS (PTR record), or “dialup” connections [typically > suggesting a home/other user with a dynamic connection], or computers with > exploited / exploitable security holes (e.g. open proxies, open relays, > vulnerable webservers, virus infected etc) or which are assigned to > well-known spammers. > > When one of these conditions / criteria is met, and it only takes one > spamtrap to be hit from such a system, the IP address will be automatically > listed at UCEPROTECT BLacklist Level 1. " > > Please notice the last sentence. > > -Original Message- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > On Behalf Of Noam Rathaus Sent: Thursday, July 24, 2008 2:32 PM > To: shimi > Cc: linux-il > Subject: Re: Israeli ISP and Blacklisting > > Hi, > > I haven't dropped water into a boiling pan for nothing if you go here: > http://www.uceprotect.net/en/rblcheck.php > > You will see that the IP (a hosted server): > 192.117.232.213 > > Is all ok, beside the last one, which is due to the fact that Bezeq Int is > blacklisted, at first I thought it was just them, but I checked three other > IP addresses we have, and the other ISPs are blacklisted as well > > As: > 3845 of 1107456 (0.347 %) addresses they have are marked as spammers - not > spam senders, but routinely sending spam, and ISP not blocking them after > an abuse email is issued. > > On Thursday 24 July 2008 14:09:42 shimi wrote: > > On Thu, Jul 24, 2008 at 12:57 PM, Noam Rathaus <[EMAIL PROTECTED]> > > > > wrote: > > > Hi, > > > > > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision > > > to get > > > them off the blacklisting found here: > > > http://www.uceprotect.net/en/rblcheck.php > > > > > > Apparently all the Israeli ISP are blacklisted here (any host you put > > > there in > > > their hosting range) - and all because they don't have a policy of > > > cleaning up their network from spammers. > > > > > > This means we are all losing emails we send because our ISPs are doing > > > a bad > > > job. > > > > Hi Noam, > > > > Did you check the Israeli ISPs outgoing SMTP servers addresses and saw > > that they're blacklisted? > > > > Or did you just use users dial-up/DSL/cable IP ranges in your test, which > > SHOULD be blacklisted (why would a home user need to emit SMTP traffic on > > his own instead of his ISP SMTP servers, where proper authentication and > > thus logging and auditing can be taken care of? > > > > Most RBLs will list all non-ISP-managed block ranges for the above > > reasons, regardless of their location on the globe... > > > > -- Shimi -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
RE: Israeli ISP and Blacklisting
You are *SO* wrong. It takes the following to get your whole AS blocked: "UCEPROTECT-Level 3 lists all IP's within an ASN if more than 100 IP's, but also a minimum of 0.2% of all IP's allocated to this ASN got Level 1 listed within the last 7 days." Now, to get listed in their Level 1 DB you need the following: " Level 1 exclusively lists IP addresses with either wrong or missing or generic reverse DNS (PTR record), or “dialup” connections [typically suggesting a home/other user with a dynamic connection], or computers with exploited / exploitable security holes (e.g. open proxies, open relays, vulnerable webservers, virus infected etc) or which are assigned to well-known spammers. When one of these conditions / criteria is met, and it only takes one spamtrap to be hit from such a system, the IP address will be automatically listed at UCEPROTECT BLacklist Level 1. " Please notice the last sentence. -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noam Rathaus Sent: Thursday, July 24, 2008 2:32 PM To: shimi Cc: linux-il Subject: Re: Israeli ISP and Blacklisting Hi, I haven't dropped water into a boiling pan for nothing if you go here: http://www.uceprotect.net/en/rblcheck.php You will see that the IP (a hosted server): 192.117.232.213 Is all ok, beside the last one, which is due to the fact that Bezeq Int is blacklisted, at first I thought it was just them, but I checked three other IP addresses we have, and the other ISPs are blacklisted as well As: 3845 of 1107456 (0.347 %) addresses they have are marked as spammers - not spam senders, but routinely sending spam, and ISP not blocking them after an abuse email is issued. On Thursday 24 July 2008 14:09:42 shimi wrote: > On Thu, Jul 24, 2008 at 12:57 PM, Noam Rathaus <[EMAIL PROTECTED]> > > wrote: > > Hi, > > > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision to > > get > > them off the blacklisting found here: > > http://www.uceprotect.net/en/rblcheck.php > > > > Apparently all the Israeli ISP are blacklisted here (any host you put > > there in > > their hosting range) - and all because they don't have a policy of > > cleaning up their network from spammers. > > > > This means we are all losing emails we send because our ISPs are doing a > > bad > > job. > > Hi Noam, > > Did you check the Israeli ISPs outgoing SMTP servers addresses and saw that > they're blacklisted? > > Or did you just use users dial-up/DSL/cable IP ranges in your test, which > SHOULD be blacklisted (why would a home user need to emit SMTP traffic on > his own instead of his ISP SMTP servers, where proper authentication and > thus logging and auditing can be taken care of? > > Most RBLs will list all non-ISP-managed block ranges for the above reasons, > regardless of their location on the globe... > > -- Shimi -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
RE: Israeli ISP and Blacklisting
Noam, They are blocking the *WHOLE* AS, not IP ranges. They blocked the whole AS number I'm using because 0.596 % of the ips in that AS sent "spam". Do you think that is that reasonable. I've just googled for that RBL, and found out a lot of ranting (including a recent thread in NANOG). Apparently, they are demanding money if you want your AS to be removed... Anyway, one RBL doesn't equal to "The whole country is blocked!". If you have any specific problem, why don't you try your [EMAIL PROTECTED] -Original Message- From: Noam Rathaus [mailto:[EMAIL PROTECTED] Sent: Thursday, July 24, 2008 2:35 PM To: Imri Zvik Cc: linux-il Subject: Re: Israeli ISP and Blacklisting Sorry but I don't understand why you guys think I checked dynamic ranges? I checked hosting ranges, and these SHOULD BE CLEAN, no one in the hosting farm should be sending out SPAM, it is against the policy of the hosting company, it is clearly written in the agreement you sign when you come in into their farm. Same thing for illegal content, piracy, etc. On Thursday 24 July 2008 14:24:02 Imri Zvik wrote: > I'm sorry, but checking hosting/dynamic ranges is just misleading. It is > impossible to clean these ranges, and even though the ISPs try. > > I don't know this specific RBL, but I don't think it's a widely used one > - Anyway, they "punish" whole AS numbers which seems quite harsh. > If you would _actually_ read what they are suggesting, you would have > seen that it is impossible to implement in Israel (Can you imagine what > will happen if the ISP's will just block port 25 and *force* you to use > their own mail servers? I can just see the angry postbacks in ynet..). > > What you should be checking is the ranges that the ISP mail system uses; > If you will take Smile 012 for example, and check it's reputation in > senderbase.org, you will see that most of the servers are listed as > "GOOD", and some as "Neutral": > http://www.senderbase.org/senderbase_queries/detailip?search_string=84.9 > 5.2.0%2F24 > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Noam Rathaus > Sent: Thursday, July 24, 2008 12:58 PM > To: linux-il > Subject: Israeli ISP and Blacklisting > > Hi, > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision > to get > them off the blacklisting found here: > http://www.uceprotect.net/en/rblcheck.php > > Apparently all the Israeli ISP are blacklisted here (any host you put > there in > their hosting range) - and all because they don't have a policy of > cleaning > up their network from spammers. > > This means we are all losing emails we send because our ISPs are doing a > bad > job. -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli ISP and Blacklisting
Sorry but I don't understand why you guys think I checked dynamic ranges? I checked hosting ranges, and these SHOULD BE CLEAN, no one in the hosting farm should be sending out SPAM, it is against the policy of the hosting company, it is clearly written in the agreement you sign when you come in into their farm. Same thing for illegal content, piracy, etc. On Thursday 24 July 2008 14:24:02 Imri Zvik wrote: > I'm sorry, but checking hosting/dynamic ranges is just misleading. It is > impossible to clean these ranges, and even though the ISPs try. > > I don't know this specific RBL, but I don't think it's a widely used one > - Anyway, they "punish" whole AS numbers which seems quite harsh. > If you would _actually_ read what they are suggesting, you would have > seen that it is impossible to implement in Israel (Can you imagine what > will happen if the ISP's will just block port 25 and *force* you to use > their own mail servers? I can just see the angry postbacks in ynet..). > > What you should be checking is the ranges that the ISP mail system uses; > If you will take Smile 012 for example, and check it's reputation in > senderbase.org, you will see that most of the servers are listed as > "GOOD", and some as "Neutral": > http://www.senderbase.org/senderbase_queries/detailip?search_string=84.9 > 5.2.0%2F24 > > > -Original Message- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] On Behalf Of Noam Rathaus > Sent: Thursday, July 24, 2008 12:58 PM > To: linux-il > Subject: Israeli ISP and Blacklisting > > Hi, > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision > to get > them off the blacklisting found here: > http://www.uceprotect.net/en/rblcheck.php > > Apparently all the Israeli ISP are blacklisted here (any host you put > there in > their hosting range) - and all because they don't have a policy of > cleaning > up their network from spammers. > > This means we are all losing emails we send because our ISPs are doing a > bad > job. -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli ISP and Blacklisting
Hi, I haven't dropped water into a boiling pan for nothing if you go here: http://www.uceprotect.net/en/rblcheck.php You will see that the IP (a hosted server): 192.117.232.213 Is all ok, beside the last one, which is due to the fact that Bezeq Int is blacklisted, at first I thought it was just them, but I checked three other IP addresses we have, and the other ISPs are blacklisted as well As: 3845 of 1107456 (0.347 %) addresses they have are marked as spammers - not spam senders, but routinely sending spam, and ISP not blocking them after an abuse email is issued. On Thursday 24 July 2008 14:09:42 shimi wrote: > On Thu, Jul 24, 2008 at 12:57 PM, Noam Rathaus <[EMAIL PROTECTED]> > > wrote: > > Hi, > > > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision to > > get > > them off the blacklisting found here: > > http://www.uceprotect.net/en/rblcheck.php > > > > Apparently all the Israeli ISP are blacklisted here (any host you put > > there in > > their hosting range) - and all because they don't have a policy of > > cleaning up their network from spammers. > > > > This means we are all losing emails we send because our ISPs are doing a > > bad > > job. > > Hi Noam, > > Did you check the Israeli ISPs outgoing SMTP servers addresses and saw that > they're blacklisted? > > Or did you just use users dial-up/DSL/cable IP ranges in your test, which > SHOULD be blacklisted (why would a home user need to emit SMTP traffic on > his own instead of his ISP SMTP servers, where proper authentication and > thus logging and auditing can be taken care of? > > Most RBLs will list all non-ISP-managed block ranges for the above reasons, > regardless of their location on the globe... > > -- Shimi -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
RE: Israeli ISP and Blacklisting
*Sigh* Don't you have anything better to do? I can report that Israeli ISPs get decent cooperation (well most of the times, and from most RBLs). No one is going to block Israel completely. If you have a specific email that was blocked, or a specific RBL (with reasonable demands) you want to be removed from, please email abuse@ -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Omer Zak Sent: Thursday, July 24, 2008 1:38 PM To: linux-il Subject: Re: Israeli ISP and Blacklisting I have E-mailed my ISP about this. You may want to add to your E-mail to your ISP also your concerns that since ALL Israeli ISPs are blacklisted, the entire country is in danger of being backlisted as a country. While the real reason for such an action would be political, the spam handling situation is too convenient excuse to pass up. On Thu, 2008-07-24 at 12:57 +0300, Noam Rathaus wrote: > Hi, > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision to get > them off the blacklisting found here: > http://www.uceprotect.net/en/rblcheck.php > > Apparently all the Israeli ISP are blacklisted here (any host you put there in > their hosting range) - and all because they don't have a policy of cleaning > up their network from spammers. > > This means we are all losing emails we send because our ISPs are doing a bad > job. -- "Kosher" Cellphones (cellphones with blocked SMS, video and Internet) are menace to the deaf. They must be outlawed! (See also: http://www.zak.co.il/tddpirate/2006/04/21/the-grave-danger-to-the-deaf-f rom-kosher-cellphones/) My own blog is at http://www.zak.co.il/tddpirate/ My opinions, as expressed in this E-mail message, are mine alone. They do not represent the official policy of any organization with which I may be affiliated in any way. WARNING TO SPAMMERS: at http://www.zak.co.il/spamwarning.html = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
RE: Israeli ISP and Blacklisting
I'm sorry, but checking hosting/dynamic ranges is just misleading. It is impossible to clean these ranges, and even though the ISPs try. I don't know this specific RBL, but I don't think it's a widely used one - Anyway, they "punish" whole AS numbers which seems quite harsh. If you would _actually_ read what they are suggesting, you would have seen that it is impossible to implement in Israel (Can you imagine what will happen if the ISP's will just block port 25 and *force* you to use their own mail servers? I can just see the angry postbacks in ynet..). What you should be checking is the ranges that the ISP mail system uses; If you will take Smile 012 for example, and check it's reputation in senderbase.org, you will see that most of the servers are listed as "GOOD", and some as "Neutral": http://www.senderbase.org/senderbase_queries/detailip?search_string=84.9 5.2.0%2F24 -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Noam Rathaus Sent: Thursday, July 24, 2008 12:58 PM To: linux-il Subject: Israeli ISP and Blacklisting Hi, Has anyone here tried to get the Bezeq Internation, Barak or Netvision to get them off the blacklisting found here: http://www.uceprotect.net/en/rblcheck.php Apparently all the Israeli ISP are blacklisted here (any host you put there in their hosting range) - and all because they don't have a policy of cleaning up their network from spammers. This means we are all losing emails we send because our ISPs are doing a bad job. -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED] To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli ISP and Blacklisting
On Thu, Jul 24, 2008 at 12:57 PM, Noam Rathaus <[EMAIL PROTECTED]> wrote: > Hi, > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision to > get > them off the blacklisting found here: > http://www.uceprotect.net/en/rblcheck.php > > Apparently all the Israeli ISP are blacklisted here (any host you put there > in > their hosting range) - and all because they don't have a policy of cleaning > up their network from spammers. > > This means we are all losing emails we send because our ISPs are doing a > bad > job. > Hi Noam, Did you check the Israeli ISPs outgoing SMTP servers addresses and saw that they're blacklisted? Or did you just use users dial-up/DSL/cable IP ranges in your test, which SHOULD be blacklisted (why would a home user need to emit SMTP traffic on his own instead of his ISP SMTP servers, where proper authentication and thus logging and auditing can be taken care of? Most RBLs will list all non-ISP-managed block ranges for the above reasons, regardless of their location on the globe... -- Shimi
Re: Israeli ISP and Blacklisting
On 2008-07-24, Noam Rathaus <[EMAIL PROTECTED]> wrote: > Hi, > > So you use an external service for emails? > > If so who? > > Otherwise, do you have you server in the US (or elsewhere) just for that? > Yes, I have a server in the US for handling email to dotancohen.com. I use gmail for mailing lists. For those who cannot maintain their own server, I recommend a mail hosting service (can be have for $3 per month + domain for $7 per year) or webmail. Either way, be sure to back up locally! -- Dotan Cohen http://what-is-what.com http://gibberish.co.il א-ב-ג-ד-ה-ו-ז-ח-ט-י-ך-כ-ל-ם-מ-ן-נ-ס-ע-ף-פ-ץ-צ-ק-ר-ש-ת A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
Re: Israeli ISP and Blacklisting
Hi, I have no idea who is the guy to talk to, anyone has an email list of "manager" of ISP we can send our email to? [EMAIL PROTECTED] won't cut it here. On Thursday 24 July 2008 13:37:41 Omer Zak wrote: > I have E-mailed my ISP about this. > > You may want to add to your E-mail to your ISP also your concerns that > since ALL Israeli ISPs are blacklisted, the entire country is in danger > of being backlisted as a country. > > While the real reason for such an action would be political, the spam > handling situation is too convenient excuse to pass up. > > On Thu, 2008-07-24 at 12:57 +0300, Noam Rathaus wrote: > > Hi, > > > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision to > > get them off the blacklisting found here: > > http://www.uceprotect.net/en/rblcheck.php > > > > Apparently all the Israeli ISP are blacklisted here (any host you put > > there in their hosting range) - and all because they don't have a policy > > of cleaning up their network from spammers. > > > > This means we are all losing emails we send because our ISPs are doing a > > bad job. -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli ISP and Blacklisting
Hi, So you use an external service for emails? If so who? Otherwise, do you have you server in the US (or elsewhere) just for that? On Thursday 24 July 2008 13:14:26 Dotan Cohen wrote: > On 2008-07-24, Noam Rathaus <[EMAIL PROTECTED]> wrote: > > Hi, > > > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision to > > get them off the blacklisting found here: > > http://www.uceprotect.net/en/rblcheck.php > > > > Apparently all the Israeli ISP are blacklisted here (any host you put > > there in their hosting range) - and all because they don't have a policy > > of cleaning up their network from spammers. > > > > This means we are all losing emails we send because our ISPs are doing a > > bad job. > > The solution is to have Bezeq, Netvision, and the other Israeli ISPs > to behave responsibly. I agree with blacklisting them until they clean > up their act. > > That said, this is the reason that I do not trust _any_ ISP with my email. -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli ISP and Blacklisting
I have E-mailed my ISP about this. You may want to add to your E-mail to your ISP also your concerns that since ALL Israeli ISPs are blacklisted, the entire country is in danger of being backlisted as a country. While the real reason for such an action would be political, the spam handling situation is too convenient excuse to pass up. On Thu, 2008-07-24 at 12:57 +0300, Noam Rathaus wrote: > Hi, > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision to get > them off the blacklisting found here: > http://www.uceprotect.net/en/rblcheck.php > > Apparently all the Israeli ISP are blacklisted here (any host you put there > in > their hosting range) - and all because they don't have a policy of cleaning > up their network from spammers. > > This means we are all losing emails we send because our ISPs are doing a bad > job. -- "Kosher" Cellphones (cellphones with blocked SMS, video and Internet) are menace to the deaf. They must be outlawed! (See also: http://www.zak.co.il/tddpirate/2006/04/21/the-grave-danger-to-the-deaf-from-kosher-cellphones/) My own blog is at http://www.zak.co.il/tddpirate/ My opinions, as expressed in this E-mail message, are mine alone. They do not represent the official policy of any organization with which I may be affiliated in any way. WARNING TO SPAMMERS: at http://www.zak.co.il/spamwarning.html = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Ad-hoc wireless connection... Help?
Hello all, I'm trying to setup a temporary ad-hoc wireless connection between my firewall (CentOS5) and my laptop. (F9, NM disabled) The wireless connection will sit on the "red" side of the firewall (and will be disabled most of the time), so passphrase security should be OK. (At least for now) As far as I could gather (By using google), I should issue (more-or-less) the same commands on both ends. E.g.: FW: (rt61) $ ifconfig ra0 192.168.200.1 up $ iwconfig ra0 channel 11 rate 11M key XX essid name Notebook: (Intel chipset) $ ifconfig wlan0 192.168.200.2 up $ iwconfig wlan0 channel 11 rate 11M key XX essid name Ping doesn't work; ARP doesn't resolve IPs. What am I doing wrong? - Gilboa P.S. AFAIK the rt61 driver doesn't support Master mode, so I cannot setup an AP and I rather not use a permanent wireless AP. = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: Israeli ISP and Blacklisting
On 2008-07-24, Noam Rathaus <[EMAIL PROTECTED]> wrote: > Hi, > > Has anyone here tried to get the Bezeq Internation, Barak or Netvision to get > them off the blacklisting found here: > http://www.uceprotect.net/en/rblcheck.php > > Apparently all the Israeli ISP are blacklisted here (any host you put there in > their hosting range) - and all because they don't have a policy of cleaning > up their network from spammers. > > This means we are all losing emails we send because our ISPs are doing a bad > job. > The solution is to have Bezeq, Netvision, and the other Israeli ISPs to behave responsibly. I agree with blacklisting them until they clean up their act. That said, this is the reason that I do not trust _any_ ISP with my email. -- Dotan Cohen http://what-is-what.com http://gibberish.co.il א-ב-ג-ד-ה-ו-ז-ח-ט-י-ך-כ-ל-ם-מ-ן-נ-ס-ע-ף-פ-ץ-צ-ק-ר-ש-ת A: Because it messes up the order in which people normally read text. Q: Why is top-posting such a bad thing?
Israeli ISP and Blacklisting
Hi, Has anyone here tried to get the Bezeq Internation, Barak or Netvision to get them off the blacklisting found here: http://www.uceprotect.net/en/rblcheck.php Apparently all the Israeli ISP are blacklisted here (any host you put there in their hosting range) - and all because they don't have a policy of cleaning up their network from spammers. This means we are all losing emails we send because our ISPs are doing a bad job. -- Noam Rathaus CTO [EMAIL PROTECTED] http://www.beyondsecurity.com "Know that you are safe." Beyond Security Finalist for the "Red Herring 100 Global" Awards 2007 = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]
Re: nfs problems
FYI, i removed the nfs-user-server and install nfs-kernel-server and everything works now ... On Wed, Jul 9, 2008 at 3:21 PM, Erez D <[EMAIL PROTECTED]> wrote: > hi > > i have a diskless client booting with tftp and nfsroot (debian lenny on > kurobox-pro, as client, pc with hardy64 as server) > > the whole filesystem is mounted via (rw,no_root_squash) > > on the client: > when i try to create a new file - no problems > when i try to edit that file, i get : "Can't open file for writing", and the > file is truncated to zero size > looking from the nfs server verifies that the file was truncated ... > > i.e. > > vi /etc/newfile > :w -> sucess (my information is saved correctly) > :w (again) -> Can't open file for writing, ( and file is truncated to size 0 > ) > > if i try to read/write the file from the nfs-server, it works just fine. > > > any idea ? > > erez. > > > > = To unsubscribe, send mail to [EMAIL PROTECTED] with the word "unsubscribe" in the message body, e.g., run the command echo unsubscribe | mail [EMAIL PROTECTED]