Jump to content

caryh

Members
  • Content Count

    5
  • Joined

  • Last visited

Community Reputation

0 Neutral

About caryh

  • Rank
    Newbie
  1. caryh

    False listings with SORBS DUHL

    Adding your confirmation messages to the advertising is NOT following Spamhaus's good practice list. In fact it is called list washing and spamming at the same time. Hit a Spamhaus trap and I'm very sure you're going to end up listed in Spamhaus until that practice changes. Quote from Spamhaus What is "confirmed opt-in"? Confirmed opt-in (COI) is a process by which a bulk email marketer automatically verifies that an opt-in request did in fact come from the email address owner and was therefore not spoofed, mistakenly or fraudulently subscribed. COI is the only legitimate way of operating a mailing list. end quote In your process, you've already delivered the payload. Spamming has occurred every time you send these advertisements, regardless if you're using them to confirm an address is legit. The confirmation must be done before your customer's payload is sent or you ARE sending spam through your server. There are even some who will argue running confirmations without the payload on an imported list is spam.
  2. caryh

    False listings with SORBS DUHL

    Ok I misunderstood your comments on that range. You are not operating from that range, but have just the one /24 from this ISP. Your domain stressfreecontact.com, regardless of what range you jump to, was listed as a spam source on URIBL blacklist yesterday. I see you're out today. That is another sign to any blacklist owner to think twice before removal. Although in the DUHL of sorbs, your range will get out when the request comes in the proper way they expect. Its also not so much a dynamic IP list, but a list of dynamic and generic ranges. Mathew is hard core about following his rules, but he does delist even if the person does personally piss him off when the list rules are followed.
  3. caryh

    False listings with SORBS DUHL

    stressfreecontact.com Listed on URIBL black You are on more than one list apparently. Who's sending from 216.224.233.114 with no rDNS?
  4. As the spammers get trickier, and the filters leaker, it would be nice to have.... A few more block lists to choose from. There are better dynamic address DNSBLs out there than just sorbs. The dnsbl lists I'd like to see considered as options uceprotect.net tqmcube.com Spamhaus' new Zen might be nice when it comes on line to. The blackholes lists are a little dated. Why just those few countries? To be effective today you'd need a lot more dynamic ranges. Like blocking Italy when they got bad, or recently Poland. nigeria, argentina, brazil just don't cover the spam sewer countries that the zombie nets are operating from. And when one gets blocked enough, they're just jumping to the next. Maybe it would be better to give people the option to block based on parts of the world they do not email based on the official IP registry from that part of the world. Say block ripe, arin, afrinic, apnic or lacnic. In any case I would like to see the DNSBL options reviewed. An option to not accept email from providers that refuse munged reports. If they just want to listwash me, or just hand my name over to a spammer, then I don't want email from their space. For some strange reason I never get an email that is not spam from those providers. I wonder why? The ability to add IP ranges to my blacklist. With and import and export features to maintain it. A few options filtering options than just contains or doesn't contain. Ends with, starts with and maybe regex expressions! Well I know everything added takes CPU power and complexity. Plus the time to change it and debug it. Still I thought I'd voice an opinion on some things I'd like to see that could make this a better service.
  5. caryh

    Tracking down a virus infected machine

    I'm having the very same issue with cypresscom.net. Daily reports to their abuse email address have done nothing to stop the virus spew. I've decided to change the order of my filters and the antivirus on my mail server to relay all messages from that ip address back to them. Normally my antivirus kicks in first. I did get some bogus reply from the help desk, where they sent me when I called them directly. At first he told the truth I think, "well we only deal with viruses if the affect our system. Its the clients probelm if they have them". Then it was "well maybe it was a night guy in the abuse department and he doesn't know how to handle it". Maybe I should try setting a repeating loop to their abuse address or maybe add the sales department for every virus sent to my server. I suppose the loop wouldn't be too nice of me, but I probably will have to expand the number of people that are getting the complaints until something happens. I think all their abuse complaints about viruses immediately go into the circular bin bucket.
×