Jump to content
Sign in to follow this  
Wollys

Yahoo webmail blocked...or?

Recommended Posts

And yes the ISP ought to inform its subscribers that it is using a bl to block email. However, typical ISPs don't have good communication skills, it seems to me. If they told their users in the right way, the users would be enthusiastic. But they think that all end users are ignorant, uneducable doofuses and won't understand the value of blocklists because they won't read the information carefully and will just complain.

Hey! At last someone that at least partially agrees with me, on some points! :) Bonus smiley awarded!

A new question:

Does anyone have any statistics?

What is the ratio (actual or estimated) of spam to legitimate mail when a service like yahoo/gmail is blacklisted?

As I understand, gmail (or yahoo) can only be blacklisted *itself* when the users are using the web interface (or perhaps some API?) to send spam. Is this the common way of sending spam through these servers, or is it more common to use SMTP?

It would be interesting to see some numbers on the amount of spam coming from different sources - open relays, hacked servers or mail scripts, zombies, 'rogue' sites, and web mail services like yahoo, gmail and hotmail.

senderbase.org tell give me the following stats for web27705.mail.ukl.yahoo.com

Volume Statistics for this IP

Magnitude Vol Change vs. Average

Last day 4.7 1730%

Last 30 days 3.9 235%

Average 3.4

Does this mean that it has been a 17-fold increase from average for this IP and that the spam:legitimate ratio - if the increase is only spam - must be something like 17:1 (which I would agree would make it a strong candidate for blocking..)?

Share this post


Link to post
Share on other sites
What is the ratio (actual or estimated) of spam to legitimate mail when a service like yahoo/gmail is blacklisted?

What is on the list? as found under the Blocking List section of the SpamCop FAQ, linkes at the top of this very pahe

As I understand, gmail (or yahoo) can only be blacklisted *itself* when the users are using the web interface (or perhaps some API?) to send spam. Is this the common way of sending spam through these servers, or is it more common to use SMTP?

Not sure where this understanding comes from .. early on the massive GMail server blocked discussioon, I did a check in which SMRP showed my IP address as being the source ... everything there good ... a test caused by something else within the last month had different results ... neither method showed my IP address anywhere .. as far as usage, you're invited to try your hand at getting anything useful from the Google folks ...

Does this mean that it has been a 17-fold increase from average for this IP and that the spam:legitimate ratio - if the increase is only spam - must be something like 17:1 (which I would agree would make it a strong candidate for blocking..)?

The terms used on that chart deal with "traffic seen" ... any ratio involved goes back to the link suggested above .. and that ratio is only based on spamtrap hits, user reports, and that "total traffic seen" stuff .... the other side of the coin is that if the spammer manages to not send spam to spamcop reporters, then the complaunts wouldn't be sufficient to trigger a listing .. usually noted by postings even here where there is a lone user receiving a ton of spam from the same location, but this user is the only one seeing it that reports it ... back to the math model ... one reporter is not sufficient to get an IP address listed, and even two reporters may not be receivng enough of the specific spam to satisfy the formula ..

Share this post


Link to post
Share on other sites

What is the ratio (actual or estimated) of spam to legitimate mail when a service like yahoo/gmail is blacklisted?

You still don't seem to have 'got it'. Services are not blacklisted, SERVERS are. Big services like gmail, yahoo and hotmail have literally hundreds of servers sending out e-mail. They'd have to go some to get them all listed at the same time! What happens is that from time to time one or more of those hundreds of servers are temporarily listed because that one IP (or more) has a significanrt mount of spam spewing fropm it.

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
Sign in to follow this  

×