Ben wrote: > Second, I'm becoming less and less of a buyer on the whole "report it to > the ISP" malarky. Its starting to become a bit of a 1990's way of doing > it. I increasingly find myself wondering whether ISPs actually bother > to read abuse mails or whether they get filtered straight to /dev/null. > > Case in point on number two, for some months now I have been receving > Spam originating from a Verizon customer. The Verizon customer appears > to be some sort of marketing company that has a range on the Verizon > network. > > Every...single...time... I report the spam, full headers & all. Have > they done anything about it ? No. Has the volume of spam reduced ? No. > > I ended up blocking that IP in a custom RBL that I feed into SpamAssassin. > > Sure, I guess for tweaking your internal SpamAssassin implementation, > headers could be useful. But for external reporting, I think they've > had their day.
*nod* Unfortunately true; reporting to third parties is largely ineffective. I've even had abuse reports rejected as spam, either due to the content of the spam or for simply including the original as a proper attachment that "could be malicious". Reporting spam to the ISP for filter tuning, on the other hand, is about the only way to get a systemwide view of what's getting through. -kgd