Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > Orcon's email servers in a spam blocklist

Reply
Thread Tools

Orcon's email servers in a spam blocklist

 
 
Steven Ellis
Guest
Posts: n/a
 
      11-05-2006
Recently had some problems sending emails and it appears Orcon's load
balancers are now in a spam blacklist

http://tqmcube.com/cgi-bin/checkbl?ip=219.88.242.4

It will be interesting to see how quickly they managed to get this
sorted out.

Steve

 
Reply With Quote
 
 
 
 
MaHogany
Guest
Posts: n/a
 
      11-05-2006
On Sat, 04 Nov 2006 17:24:28 -0800, Steven Ellis wrote:

> It will be interesting to see how quickly they managed to get this
> sorted out.


The solution would be to kill the connection that is spewing out the spam,
and then go back to the blacklister with a list of what was done to kill
the spam from spewing forth.


Ma Hogany

--
"The average user doesn't know what he wants. The average user wants
fries with that, if prompted."

 
Reply With Quote
 
 
 
 
Matty F
Guest
Posts: n/a
 
      11-05-2006
MaHogany wrote:

> The solution would be to kill the connection that is spewing out the spam,
> and then go back to the blacklister with a list of what was done to kill
> the spam from spewing forth.


Possibly the machine spewing out the spam spreads the emails around to
many ISPs (by accident or design) so that any one ISP doesn't see that
much spam from one IP address.
However I see that some spam is addressed to a whole lot of people in
alphabetic order at the same ISP. So it should be possible for the
receivng ISP to detect that and block that IP address. Before anyone
says that it would take too long to do that, it takes even longer to
store the spam and send it to their customers.

Also, the new spam containing just a gif is easy to detect. A single
one of those and the IP address it came from should be immediately
blocked. If there's time, even better would be to bounce all emails
from that IP with a message about spam.

 
Reply With Quote
 
MaHogany
Guest
Posts: n/a
 
      11-05-2006
On Sun, 05 Nov 2006 01:28:41 -0800, Matty F wrote:

> Possibly the machine spewing out the spam spreads the emails around to
> many ISPs (by accident or design) so that any one ISP doesn't see that
> much spam from one IP address.


Incorrect.

A compromised machine would be located on one network. If that machine
starts spewing out spam or viruses which result in that network being
blacklisted, then it is the responsibility of that network to contact the
customer who owns the compromised PC and get it sorted out.

I think that is the solution to SPAM - complainants get ISPs blacklisted,
and those ISPs need to demonstrate that the compromised PC is fixed before
the ISP is un-blacklisted.


Ma Hogany

--
"The average user doesn't know what he wants. The average user wants
fries with that, if prompted."

 
Reply With Quote
 
Shane
Guest
Posts: n/a
 
      11-05-2006
MaHogany wrote:

> On Sun, 05 Nov 2006 01:28:41 -0800, Matty F wrote:
>
>> Possibly the machine spewing out the spam spreads the emails around to
>> many ISPs (by accident or design) so that any one ISP doesn't see that
>> much spam from one IP address.

>
> Incorrect.
>
> A compromised machine would be located on one network. If that machine
> starts spewing out spam or viruses which result in that network being
> blacklisted, then it is the responsibility of that network to contact the
> customer who owns the compromised PC and get it sorted out.
>
> I think that is the solution to SPAM - complainants get ISPs blacklisted,
> and those ISPs need to demonstrate that the compromised PC is fixed before
> the ISP is un-blacklisted.
>
>
> Ma Hogany
>


Your 'solution' ignores the fact that the machine may be on a dynamic ip's.
Further, your 'solution' implies ISP's should have the power to arbitrarily
disconnect your internet connection


--
Voiceover: You watched it! You can't unwatch it!

blog: http://shanes.dyndns.org

 
Reply With Quote
 
peterwn
Guest
Posts: n/a
 
      11-05-2006

Shane wrote:

> >

>
> Your 'solution' ignores the fact that the machine may be on a dynamic ip's.
> Further, your 'solution' implies ISP's should have the power to arbitrarily
> disconnect your internet connection


Blocklist operators would start by blocking one IP and if the problem
continues or re-surfaces would start blocking more and more related
IP's. One problem that occurs is that some overseas ISP's find that
spam customers are lucrative business and if they have a static IP,
will readily allocate an alternative IP.

One of the objectives of blocklist operators is to put pressure on
ISP's to tidy up the act at their own end by not allowing open relay
and by disconnecting customers with 'zombie' machines.

The terms and conditions set by ISP's would be sufficiently broad to
allow it to disconnect a spammer or an innocent person whose machine
has become a spam zombie. In the latter case the customer may
appreciate this as this may save the customer paying hefty excess
bandwidth fees.

 
Reply With Quote
 
Shane
Guest
Posts: n/a
 
      11-05-2006
peterwn wrote:

>
> Shane wrote:
>
>> >

>>
>> Your 'solution' ignores the fact that the machine may be on a dynamic
>> ip's. Further, your 'solution' implies ISP's should have the power to
>> arbitrarily disconnect your internet connection

>
> Blocklist operators would start by blocking one IP and if the problem
> continues or re-surfaces would start blocking more and more related
> IP's. One problem that occurs is that some overseas ISP's find that
> spam customers are lucrative business and if they have a static IP,
> will readily allocate an alternative IP.
>
> One of the objectives of blocklist operators is to put pressure on
> ISP's to tidy up the act at their own end by not allowing open relay
> and by disconnecting customers with 'zombie' machines.
>
> The terms and conditions set by ISP's would be sufficiently broad to
> allow it to disconnect a spammer or an innocent person whose machine
> has become a spam zombie. In the latter case the customer may
> appreciate this as this may save the customer paying hefty excess
> bandwidth fees.


Am I to presume you have the same feelings about p2p users?
Would you be equally happy if isp's arbitrarily disconnected accounts
because of the amount of p2p traffic they generate?

--
Professor Farnsworth: Good news, everyone! The university is bringing me up
on disciplinary charges. Wait! That's not good news at all!

blog: http://shanes.dyndns.org

 
Reply With Quote
 
Steven Ellis
Guest
Posts: n/a
 
      11-05-2006

Steven Ellis wrote:
> Recently had some problems sending emails and it appears Orcon's load
> balancers are now in a spam blacklist
>
> http://tqmcube.com/cgi-bin/checkbl?ip=219.88.242.4
>
> It will be interesting to see how quickly they managed to get this
> sorted out.


Well a quick check this morning shows that Orcon is no longer
blacklisted.

Steve

 
Reply With Quote
 
peterwn
Guest
Posts: n/a
 
      11-05-2006

Shane wrote:
> peterwn wrote:
>
> Am I to presume you have the same feelings about p2p users?
> Would you be equally happy if isp's arbitrarily disconnected accounts
> because of the amount of p2p traffic they generate?
>

They are two completely different situations. In the case of spambots,
the ISP should try to identify and disconnect them to reduce the misery
caused to other users. They generate traffic without the knowledge or
consent of the account owner. The ISP can then reconnect them once the
account holder has cleaned things up, installed the latest updates,
installed anti-virus etc - golly, after doing all this it would be
easier to install Linux and Open Office and be done with it.

It seems with p2p, the ISP's should come clean. They should not offer
an 'eat all you like' service then clobber those whom they claim are
abusing it. They should set limits and make them known.

 
Reply With Quote
 
Nig
Guest
Posts: n/a
 
      11-06-2006
In article <eil99k$rp$(E-Mail Removed)>,
Shane <(E-Mail Removed)-a-geek.net> wrote:

> Your 'solution' ignores the fact that the machine may be on a dynamic ip's.
> Further, your 'solution' implies ISP's should have the power to arbitrarily
> disconnect your internet connection


They would know which subscriber had that IP at any given time.
They can disconnect you prety smartly if your account isn't paid.

--
Nigel
 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
New Spyware Blocklist and other stuff posted sponge Computer Security 8 03-30-2005 07:34 AM
Security Blocklist Converter 2.16 YK Computer Security 0 07-08-2003 01:20 PM



Advertisments