Re: [swinog] Re: blocking ports?
isn't the most spam comming via compromized Computers ? adsl Dynamic or dialup user you should never trust them if the say the dont spam. they have to send mail the way smtp is thought for, that means send email to the smtp relay next to you. prevent him to send email via any other relay. if this would be consequent done by all ISP most of the spam would dissapear, and we could concentrate to prevent abusing other system for doing their harmfull work. Funny thing is one ISP is switching off his SMTP relay telling the client to use other smtp relay in the wild and call that a first action according to the stop spam campaign. another one is blocking port25 und force the user to use the ISP?s SMTP Relay and even explain this is done due to the stop spam campaign how to believe anything ? confused but still voting to block mail from dialup and adsl ranges ;-) -- Original Message -- From: Scott Weeks [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED], [EMAIL PROTECTED] Date: Thu, 12 Apr 2007 11:19:56 -0700 Hello, : So if a customer proofs that he is able from a technical : Point of view to operate an mail server in a secure manner : and assures not to abuse email for spam then it's not : acceptable that an ISP block anything to him. This is what I was saying to the guys here at my work. We just need a small proof that the customer isn't a spammer and we open it up. However, most of our customers are less-technical savy home folks. Did you have to prove to your ISP that you weren't spamming? If so, how did they have you do that? Thanks, scott --- [EMAIL PROTECTED] wrote: From: Peter Bickel [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: [swinog] Re: blocking ports? Date: Thu, 12 Apr 2007 12:03:28 +0200 Scott Weeks schrieb: : You'd be amazed how many companies operate their own : mail servers, even behind dynamic addresses I'm speaking with guys in my company on an issue and part of the discussion has to do with me saying no one runs a mail server from behind a dynamic IP addresses. Other than just your experiences, does anyone have pointers to data on folks that do this? scott Hi Scott we do exactly this for IDV Network Consulting. We operate our own Mailserver (Solaris with sendmail and iamp) in our internal Network which is connected to Cablecom (DHCP ;-)) In addition we have some Maschines in a hosting environment which have of corse fixed IP addresses which we use to relay to the outside. All hosts use Solaris and sendmail and are protected with IPFilter with very restrictive Rules. Incomming email is going through the external hosts and an IPIP Tunnel directly to the internal mail server. We really don't want to be dependend on an ISPs email SETUP. DNS is the same which helped me in the past a lot where several customers weren't able to use the net everything worked for us. So if a customer proofs that he is able from a technical Point of view to operate an mail server in a secure manner and assures not to abuse email for spam then it's not acceptable that an ISP block anything to him. --- [EMAIL PROTECTED] wrote: From: Markus Wild [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [swinog] Re: blocking ports? Date: Wed, 11 Apr 2007 19:26:39 +0200 Jonathan, Sorry but I disagree with Per. ISPs have a duty to prevent email Spam which is a terrible curse for us all. If they decide that blocking port 25 outbound will help then they should do it. If you are a user, why can't you use the ISPs relay server? If you are a provider you ought to have your own mail server on a fixed IP address. You'd be amazed how many companies operate their own mail servers, even behind dynamic addresses (in which case they usually use some mailbox polling mechanism to feed their server from mail from the outside), but send outgoing mail directly with SMTP. Of course, one day we need a better protocol than SMTP (*Simple* Mail Transfer Protocol) which was never meant as a global email solution. But until then we have to do something to stop people abusing it. But by killing the payload, not the messenger, please... Cheers, Markus ___ swinog mailing list [EMAIL PROTECTED] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list [EMAIL PROTECTED] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- Gruss Pitsch __ Peter Bickele-mail: [EMAIL PROTECTED] IDV Network ConsultingTelefon: +41 1 853 24 16 Gumpenwiesenstrasse 38 Fax: +41 1 853 27 04 CH-8157 Dielsdorf Mobile: +41 79 666 15 50 __
RE: [swinog] Re: blocking ports?
* Block destination port 25. This prevents bots from sending email directly to the victims MXes. No one wants to (must not) run an MTA in a dialup range: Many MXes dont accept emails orginating from dial-up rages. No one wants to (must not) run an MX in a dial-up range. The risk of delaying or losing email due to a IP change is not acceptable. And what if the successor of the IP runs an MX which accepts all Mail..? thats right. Telia has started as first ISP blocking Port 25 years ago... Given the second point is OK, this whole blocking thing this not a bad idea. And its not that hard to configure fetchmail/authenticated relaying to a smarthost for geeks who want to run their own email infrastructure (in contrary it adds som salt to the whole soup ;) Why not sell some fixed IPs, to customers who want use their own mailserver ? If i receive a request from such a user, that has a dyn IP, i tell him to buy a static one, because of full control and exclusion of DUHL. Furthermore the customer is self responsable, if a IP Adress in his range will be listed. Complaint Mails are also directly sent to the owner of the IP, so the Abuse Team don't need to work on such cases. Greetings Daniele Ladu ___ swinog mailing list [EMAIL PROTECTED] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
[swinog] Question about new FMG an the Meldestelle
Dear all I have a question regarding the Meldestelle that need to be active since 01.04.2007 for SPAM issues. Can someone explain me, where i can send SMS Spam requests regarding Art. 45 Abs. 2 from the FMG for a SMS Spam that was sent from a Swisscom SMSC ? [EMAIL PROTECTED] seems to handle only Internet Spams. Where can i send a FAX, Email and a Letter ? Can someone from Swisscom help me ? :-) Thank you Daniele Ladu Senior Technical Support Operator sunrise TDC Switzerland AG Customer Care Postfach Hagenholzstrasse 20/22 CH-8050 Zürich Phone: +41 58 777 53 61 Fax: +41 58 777 97 07 [EMAIL PROTECTED] www.sunrise.ch http://www.sunrise.ch/ Privileged/confidential information may be contained in this message. If you are not the addressee indicated in this message (or responsible for delivery of the message to any such person), you may not copy or deliver this message to anyone. In such case, you should destroy this message and kindly notify the sender by reply e-mail. Please advise immediately if you or your employer does not consent to the receipt of Internet e-mail for messages of this kind. Opinions, conclusions and other information in this message that do not relate to the official business of the company shall be understood as neither given nor endorsed by it. ___ swinog mailing list [EMAIL PROTECTED] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog
Re: [swinog] Re: blocking ports?
: but still voting to block mail from dialup and adsl ranges On DHCP DSL ranges. I see some businesses that have a legitimate email server on statically assigned DSL ranges... scott --- [EMAIL PROTECTED] wrote: From: Schmid [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: [swinog] Re: blocking ports? Date: Fri, 13 Apr 2007 10:32:28 +0200 isn't the most spam comming via compromized Computers ? adsl Dynamic or dialup user you should never trust them if the say the dont spam. they have to send mail the way smtp is thought for, that means send email to the smtp relay next to you. prevent him to send email via any other relay. if this would be consequent done by all ISP most of the spam would dissapear, and we could concentrate to prevent abusing other system for doing their harmfull work. Funny thing is one ISP is switching off his SMTP relay telling the client to use other smtp relay in the wild and call that a first action according to the stop spam campaign. another one is blocking port25 und force the user to use the ISP?s SMTP Relay and even explain this is done due to the stop spam campaign how to believe anything ? confused but still voting to block mail from dialup and adsl ranges ;-) -- Original Message -- From: Scott Weeks [EMAIL PROTECTED] Reply-To: [EMAIL PROTECTED], [EMAIL PROTECTED] Date: Thu, 12 Apr 2007 11:19:56 -0700 Hello, : So if a customer proofs that he is able from a technical : Point of view to operate an mail server in a secure manner : and assures not to abuse email for spam then it's not : acceptable that an ISP block anything to him. This is what I was saying to the guys here at my work. We just need a small proof that the customer isn't a spammer and we open it up. However, most of our customers are less-technical savy home folks. Did you have to prove to your ISP that you weren't spamming? If so, how did they have you do that? Thanks, scott --- [EMAIL PROTECTED] wrote: From: Peter Bickel [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] Subject: Re: [swinog] Re: blocking ports? Date: Thu, 12 Apr 2007 12:03:28 +0200 Scott Weeks schrieb: : You'd be amazed how many companies operate their own : mail servers, even behind dynamic addresses I'm speaking with guys in my company on an issue and part of the discussion has to do with me saying no one runs a mail server from behind a dynamic IP addresses. Other than just your experiences, does anyone have pointers to data on folks that do this? scott Hi Scott we do exactly this for IDV Network Consulting. We operate our own Mailserver (Solaris with sendmail and iamp) in our internal Network which is connected to Cablecom (DHCP ;-)) In addition we have some Maschines in a hosting environment which have of corse fixed IP addresses which we use to relay to the outside. All hosts use Solaris and sendmail and are protected with IPFilter with very restrictive Rules. Incomming email is going through the external hosts and an IPIP Tunnel directly to the internal mail server. We really don't want to be dependend on an ISPs email SETUP. DNS is the same which helped me in the past a lot where several customers weren't able to use the net everything worked for us. So if a customer proofs that he is able from a technical Point of view to operate an mail server in a secure manner and assures not to abuse email for spam then it's not acceptable that an ISP block anything to him. --- [EMAIL PROTECTED] wrote: From: Markus Wild [EMAIL PROTECTED] To: [EMAIL PROTECTED] Subject: Re: [swinog] Re: blocking ports? Date: Wed, 11 Apr 2007 19:26:39 +0200 Jonathan, Sorry but I disagree with Per. ISPs have a duty to prevent email Spam which is a terrible curse for us all. If they decide that blocking port 25 outbound will help then they should do it. If you are a user, why can't you use the ISPs relay server? If you are a provider you ought to have your own mail server on a fixed IP address. You'd be amazed how many companies operate their own mail servers, even behind dynamic addresses (in which case they usually use some mailbox polling mechanism to feed their server from mail from the outside), but send outgoing mail directly with SMTP. Of course, one day we need a better protocol than SMTP (*Simple* Mail Transfer Protocol) which was never meant as a global email solution. But until then we have to do something to stop people abusing it. But by killing the payload, not the messenger, please... Cheers, Markus ___ swinog mailing list [EMAIL PROTECTED] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog ___ swinog mailing list [EMAIL PROTECTED] http://lists.swinog.ch/cgi-bin/mailman/listinfo/swinog -- Gruss Pitsch
