Noddy Posted May 21, 2006 Author Share Posted May 21, 2006 Duped? Hey! If you send it, you're responsible for it. Next time the postman delivers mail for the next door neighbour I'll rip it up then? Gee, I wonder if that might be becaus this is a support Forum for the SpamCop.net toolset? Naw, too much of a coincidence ...... Just stating the obvious, didn't want any passing readers to think it was the definitive resource on spam on the net. You've mentioned Spamhaus already. Note that there is a listing there about "autoresponders, misdirected bounces, etc. etc. etc. This is not "just" a SpamCop.net concept .... Yet another repeat .. there are thousands of other BLs out there .... I couldn't care less about other BL's, it's the spamcop one I have issues with, not the others. The real reason is exemplified by yourself ... users that have no idea of the actual mechanics of how "the net" works. Ban all people who don't meet certain geek standards then? Stop selling spamcop to newbies unless they pass a spamcop exam? Give me a break! Probably .. the fact that it's installed on e-mail servers around the world, installed on personal systems around the worled, used in conjunction with serveral third-party e-mail filtering applications installed on systems around the world is probably just a fluke of nature .... I wouldn't have a clue as I've freely admitted. Why does this seem to be a recurring theme in your postings? I'll get my handbag and we'll duel at dawn. Really? Problem identified, resolved .... or are you still just pulling things out of the air? That's what happened here. I know damned well that every user here has to connect to that IP address. And just how does someone at SpamCop.net reach out and "manage" some ISP's server out there somewhere in the world? Once again, you have demonstrated the comlete lack of knowledge on how "the net" .. SpamCop.net .. the SpamCopDNSBL ... etc., etc., etc. actually works. So spamcop can't release a list of "white listed" email addresses with its black lists? You don't think the idea has merit? Or you don't care? ???? I learn by applying facts that I know, researching those that I don't .... After all the time and energy spent by quite a number of other SpamCop.net users, most attempting to re-explain the FAQ data, you're still making statements that clearly indicate that you've not grasped what's actually going on .... this "discussion" is getting to the point that the concept of "help" does't seem appropriate ... it may be getting close to the decision point of moving this to the Lounge as a "bit of rant" and (possibly?) closing it to additional postings. You've asked for explanations and help, all that and more has been offered, now you're trying to turn this into something to justify your philisophical ideas .... not quite a "Help" scenario .... No close it, I've experienced the friendly atmosphere and I've decided that I've had enough of you. And a thank you to those that helped, I do appreciate it. Link to comment Share on other sites More sharing options...
StevenUnderwood Posted May 22, 2006 Share Posted May 22, 2006 Anything that makes it past some software called Spamassasin provided by my domain hosting provider gets zapped by my CR anti spam software. I don't use it irresponsibly, it's just that Spamassasin lets so much through. And no, I'm not breaking any T&C's with my ISP. Any CR software is against many T&C's I have seen...you should check with them again. You are probably sending unsolicited messages to many innocent addresses that were forged on some of the "so much" that made it through SpamAssassin. Sending messages to addresses that did not originate the challenge is spamming them. You are simply redirecting your spam onto some other innocent party. Think about it, would you want every peice of spam in the world that has your address forged on it sent back to your address? If you are receiving spam, it is likely that your address has either been used as the return address on a spam run or wil be at some point in the future. A spam run can be thousands of messages with your address forged on it. Link to comment Share on other sites More sharing options...
Miss Betsy Posted May 22, 2006 Share Posted May 22, 2006 I don't know if Noddy has gone or is still looking at this topic. What government (besides China) censors internet use? The whole philosophy behind blocklists is that people are free to have web sites and to send whatever email they want. However, if they are selfish and imposing on other people, people also have a right to block any email they don't want (the web sites just don't have to be visited). Responsible, decent people generally agree on what kind of email they don't want and they understand that spam is any email that one has not requested and does not want. I repeat, if you stop shooting from the hip with your remarks, you will find that blocklists are the natural way to deal with spam on the internet. Spamassassin is a very good content filter, but you have to know how to use it. C/R is nothing more than dumping your trash on your neighbor's lawn. If everyone did use blocklists, then there would be no spam problem for anyone (and no problems with getting blocked either). That is not true for any other spam cessation method. Miss Betsy Link to comment Share on other sites More sharing options...
Wazoo Posted May 22, 2006 Share Posted May 22, 2006 What government (besides China) censors internet use? His referenced link leads to a series of documents from a research group analyzing just that question. The specific page referenced is about Burma ..... sever resttrictions, filtering, results involved .... Link to comment Share on other sites More sharing options...
Noddy Posted May 22, 2006 Author Share Posted May 22, 2006 The whole philosophy behind blocklists is that people are free to have web sites and to send whatever email they want. However, if they are selfish and imposing on other people, people also have a right to block any email they don't want (the web sites just don't have to be visited). It would appear that spamcop has decided that they will provide a list for its users that can block an entire IP address for an entire ISP and all that ISP's users, that's a little different to blocking the actual spammer don't you think? Why allow the users the ability to block 100's of people? You can't keep on trawling out the same old "we don't block anyone" response. If you provide the tools for the users to implement you're part of the problem. It would be akin to me saying to an arms dealer "no I don't hold you responsible because you didn't pull the trigger, the user did". Responsible, decent people generally agree on what kind of email they don't want and they understand that spam is any email that one has not requested and does not want. I agree, but I think most decent people would be surprised to hear that the system also affects people who are completely innocent. I repeat, if you stop shooting from the hip with your remarks, you will find that blocklists are the natural way to deal with spam on the internet. Spamassassin is a very good content filter, but you have to know how to use it. C/R is nothing more than dumping your trash on your neighbor's lawn. No, blocklists are not the only way, they just happen to be the way you agree with most. I have personally elected to use both blocklists and CR. Regrettably Spamassassin as it is provided to me is not user configurable, I simply have the option to switch it on or off. Your last sentence would I suspect be aimed at someone who is purely using CR. If everyone did use blocklists, then there would be no spam problem for anyone (and no problems with getting blocked either). That is not true for any other spam cessation method. Somewhat utopian in your beliefs there I'm afraid! One look around these forums and you'll soon realise that such a thing is all but impossible, I could cite many reasons, one of them being that some ISP's profit from it. As much as I admire your support for the product, I'm afraid I'm still to be convinced that the product is not indiscriminate. The emphasis seems to be on protecting users of spamcop rather than caring about those who are victims of those that use the software and implement the blacklists. There appears to be much reliance on the technical aspect that spamcop "doesn't block anyone", this seperation of responsibility bears no credibility from my standpoint, it simply comes across as pedantic. Given the fact that visitors to this forum are expected to read through pages of FAQ's before posting their legitimate complaint will only serve to alienate you from those who feel miffed that their emails are being rejected. Just the same as some of those who have posted on this thread have demonstrated their impatience in dealing with an individuals query, don't expect "newbies" to react too kindly to being told that the onus is now on them to contact their ISP with a list of demands for something they are at a loss to understand. It's ironic how many times I've read about the "rights" of spamcop users on these forums, yet I take it they couldn't care less about the time someone like me has to spend to find a solution. If I were to believe that the product will save the spam universe I might not have minded, but as it won't, I do mind! But I shall thank you for your previous post where you pointed out to me what I needed to tell my ISP, I do realise that you don't work for spamcop and for that I am grateful, thank you! Any CR software is against many T&C's I have seen...you should check with them again. You are probably sending unsolicited messages to many innocent addresses that were forged on some of the "so much" that made it through SpamAssassin. Sending messages to addresses that did not originate the challenge is spamming them. You are simply redirecting your spam onto some other innocent party. Think about it, would you want every peice of spam in the world that has your address forged on it sent back to your address? If you are receiving spam, it is likely that your address has either been used as the return address on a spam run or wil be at some point in the future. A spam run can be thousands of messages with your address forged on it. I've had a think about what you have written Steven and you make a valid point. I've taken a closer look and adjusted some of the "rules" in my CR software to reduce this, time will tell I guess how successful that will be. I know you'd no doubt like me to stop using the CR software altogether....not much chance of that I'm afraid! I appreciate your replies. Link to comment Share on other sites More sharing options...
Wazoo Posted May 22, 2006 Share Posted May 22, 2006 It would appear that spamcop has decided that they will provide a list for its users that can block an entire IP address for an entire ISP and all that ISP's users, I'm having a problem in trying to figure out why you have such a problem grasping how things work, especially after so many people have tried to explain it in different ways .... The only "SpamCop.net users" that directly benefit from the SpamCopDNSBL are those that opted for and paid for a SpamCop.net e-mail account. And here's a cute one, that application does not use the SpamCopDNSBL as a "blocking" tool, rather a tagging and management tool, moving "bad" e-mail into a "Held" folder. The SpamCopDNSBL is a list available for use by others. The continued point has been made, not "everybody" uses it, not all of those ISPs that use it configure their systems against SpamCop.net recommendations as a Blocking tool .... and again, your "entire IP address for an entire ISP" is just plain goofy at this point. The only IP address is that seen as the source of bad e-mail. An ISP may have thousands of e-mail servers, but it's the server seen as spewing bad stuff in a sifficient ratio and timeframe that may get "it" added to the "dynamic" SpamCopDNSBL. When are you actually going to take alook at the definitions of the stuff you are carrying on about? that's a little different to blocking the actual spammer don't you think? It's the spam spew that's of interest. Early warnings to that ISP that there's an issue they need to take care of. Why allow the users the ability to block 100's of people? Users???? as above, your discussion pont is the receiving ISP and their decision on what tools to implement, how to use them .... You can't keep on trawling out the same old "we don't block anyone" response. No one "here" has the power / authority to mandate how an ISP somewhere else in the world has to set-up their system. Trust me, if that was the case, there would be no spam, phishes, virus distrubution, etc., etc., etc. For the umpteenth time, the SpamCopDNSBL is a list of spam sources, end of story. No, blocklists are not the only way, they just happen to be the way you agree with most. I have personally elected to use both blocklists and CR. Regrettably Spamassassin as it is provided to me is not user configurable, I simply have the option to switch it on or off. SpamCop.net itself tried C/R years back .. dropped it as a totally failed experiment .... and some of the reasons of the "failed" connotation is exactly why it's still seen as a failure for those trying to call it a "new" method today ... hint .. spammers don't play by the rules that the rest of the world uses ... As much as I admire your support for the product, I'm afraid I'm still to be convinced that the product is not indiscriminate. The emphasis seems to be on protecting users of spamcop rather than caring about those who are victims of those that use the software and implement the blacklists. There appears to be much reliance on the technical aspect that spamcop "doesn't block anyone", this seperation of responsibility bears no credibility from my standpoint, it simply comes across as pedantic. Whatever ... again, you're speaking from the perspecrive of not understanding how things work. Your argument needs to be redirected towards the maintainer of the e-mail server seen spewing bad stuff and perhaps a plea to the receiving ISP to see if they would make an allowance for "your" e-mail ... the SpamCopDNSBL does what it does, just as designed, just as advertised, but the end result depends on how someone configures their system to use it ... Yes, it's a fact, there is no way that SpamCOp.net can "touch" your e-mail, end of story. Given the fact that visitors to this forum are expected to read through pages of FAQ's before posting their legitimate complaint will only serve to alienate you from those who feel miffed that their emails are being rejected. Just the same as some of those who have posted on this thread have demonstrated their impatience in dealing with an individuals query The FAQs were developed such that a lot of questions need not be asked. However, in a discussion like this, where the FAQs have been pointed to, data within those FAQs have been re-iterated, re-explained, repeated is a total waste of time for all concerned, seeing as you don't seem to have a desire to work with the truth of the situation. The secondary reason for the FAQ lists was just so "we" wouldn't have to retype all that data everytime a "new" user showed up asking a Frequently Asked Question (FAQ) ... yet here we are where some of this data has been remanufactored a dozen times, yet you srill want to have us believe that you still don't have a clue .... , don't expect "newbies" to react too kindly to being told that the onus is now on them to contact their ISP with a list of demands for something they are at a loss to understand. It's ironic how many times I've read about the "rights" of spamcop users on these forums, yet I take it they couldn't care less about the time someone like me has to spend to find a solution. If I were to believe that the product will save the spam universe I might not have minded, but as it won't, I do mind! This discussion started out with folks trying to "help" you ..... you're the one that wants to change your request for help into a philosophical quagmire .... But I shall thank you for your previous post where you pointed out to me what I needed to tell my ISP, I do realise that you don't work for spamcop and for that I am grateful, thank you! I don't recall anyone telling you what you should tell your ISP. I recall that I tossed up a few question to ask of the recipient's ISP, and there were other questions suggested to ask your ISP about their spam / misdrected bounce contol issues. Again, it was the recipient's ISP that is allegedly using the SpamCopDNSBL in a "blocking" fashion. And if no one has mentioned it ..... http://www.spamcop.net/w3m?action=blcheck&ip=203.81.162.12 203.81.162.12 not listed in bl.spamcop.net Again, as per the design, the IP address has aged off the SpamCopDNSBL as the mathmatical formula of listing is not currently met .... Link to comment Share on other sites More sharing options...
Miss Betsy Posted May 22, 2006 Share Posted May 22, 2006 <snip> I agree, but I think most decent people would be surprised to hear that the system also affects people who are completely innocent. People who are not criminals or reckless drivers get tickets for having a burned out tail light because it is dangerous to drive with no tail lights. There are no 'innocent' people using email. There are knowledgable, responsible people and ignorant people. No, blocklists are not the only way, they just happen to be the way you agree with most. I have personally elected to use both blocklists and CR. Regrettably Spamassassin as it is provided to me is not user configurable, I simply have the option to switch it on or off. Your last sentence would I suspect be aimed at someone who is purely using CR. I didn't say that blocklists were the only way to filter email. I said that they fit the internet and email systems best and are most effective. The reason that I believe they are the most effective is because the sender gets notification that something is wrong with their system. The sender is the only one that can 'stop' spam on the internet. When blocklists first began, there were people like you who were yelling foul because they were 'innocent' mailing list operators. However, confirmed subscription and other 'best practices' have protected legitimate mailing list operators so that only ignorant ones have problems with blocklists. ISPs now have procedures in place so that they don't have spammers as customers. Now the biggest problem are those 'innocent' people who allow their computers to be infected by trojans and the spammers use those computers to spew spam. Somewhat utopian in your beliefs there I'm afraid! One look around these forums and you'll soon realise that such a thing is all but impossible, I could cite many reasons, one of them being that some ISP's profit from it. I didn't say that it would stop spam from being sent. However, those end users who are knowledgable would use email services that used blocklists at the server level so that if, by chance, a correspondent had a problem, they would be notified. Naturally, the sender would fix the problem immediately and all would be well. Everybody else, spammers and those ignorant of how to use the internet properly, would be excluded. Since it would be the norm for end users to choose responsible email providers, most people would have no problem in connecting with anyone and spam would never enter their inboxes. As much as I admire your support for the product, I'm afraid I'm still to be convinced that the product is not indiscriminate. The emphasis seems to be on protecting users of spamcop rather than caring about those who are victims of those that use the software and implement the blacklists. There appears to be much reliance on the technical aspect that spamcop "doesn't block anyone", this seperation of responsibility bears no credibility from my standpoint, it simply comes across as pedantic. I thought that I was being very careful to use 'spamcop blocklist' and 'blocklists' There is a difference among blocklists. SpamCop blocklist is aggressive and is automatic. ISPs use a combination of blocklists and filters to protect their customers. I am not supporting a particular blocklist, but blocklists in general. Given the fact that visitors to this forum are expected to read through pages of FAQ's before posting their legitimate complaint will only serve to alienate you from those who feel miffed that their emails are being rejected. Just the same as some of those who have posted on this thread have demonstrated their impatience in dealing with an individuals query, don't expect "newbies" to react too kindly to being told that the onus is now on them to contact their ISP with a list of demands for something they are at a loss to understand. It's ironic how many times I've read about the "rights" of spamcop users on these forums, yet I take it they couldn't care less about the time someone like me has to spend to find a solution. If I were to believe that the product will save the spam universe I might not have minded, but as it won't, I do mind! I agree completely that 'newbies' should not have to read through pages of FAQs before posting and that the immediate reaction to being blocked is annoyance (whether you understand it or not). However, I will repeat again: the *sender* is the only one who can do something about sending spam. You are on the *sending* end. All I can do, as receiver, is to tell you that I don't want email from where you are because spam is coming from that place. That's being nice. I could simply delete anything. Or I could dump it on someone else by using C/R. (and as a personal preference, I take umbrage at being asked to respond to a C/R even if I am legitimate. If someone has given me their email address, then they should have the courtesy to whitelist it so that I don't have to do that. And there is no way that I would ever answer an unsolicited email without using a throwaway email account. Scammers are really good at sounding legitimate. I don't answer calls from private numbers either unless I am expecting it. And would never get in a car to give directions to someone.) It is not difficult to understand (though I agree that, in general, spamcop doesn't make it easy). I thought that the 'Why Am I Blocked?' FAQ laid it out in understandable terms. I would appreciate knowing why it didn't answer your questions. <snip> Miss Betsy Link to comment Share on other sites More sharing options...
StevenUnderwood Posted May 22, 2006 Share Posted May 22, 2006 It would appear that spamcop has decided that they will provide a list for its users that can block an entire IP address for an entire ISP and all that ISP's users, that's a little different to blocking the actual spammer don't you think? Why allow the users the ability to block 100's of people? Once again, the IP address is the ONLY piece of information not provided by the system sending the message to the receiving server. Everything else can be forged and often is. Email addresses forged to look like it is coming from someone else. Date/time forged to show up higher in a sorted list. The IP address needs to be correct because SMTP is a two way communication. If the IP address is forged, the sending machine will not get the OK response to continue the communications. It is the only information available to check against until the message is accepted, which means the traffic has been paid for. Link to comment Share on other sites More sharing options...
Derek T Posted May 22, 2006 Share Posted May 22, 2006 Hey Noddy, can we speak to your friend Bigears? Perhaps he's better at listening? Link to comment Share on other sites More sharing options...
Stephen.Young Posted June 8, 2006 Share Posted June 8, 2006 I fully understand Noddys frustration as I am currently in the situation of having vital emails bounced because my ISPs mail servers have been listed. It is highly frustrating and very hard for me as an ICT director to explain to my end users who are currently beating down my door and will be for the next 16 hours at least. Having read through all of this posting and hopefuly having understood the technicals, (Excuse me if I haven't, but it is a steep learning curve when you suddenly find yourself blocked.) has raised the following questions, Can SpamCop lists (which allthough you say they are not block lists are regularly used as such) be used to mount a malicious "partial Denial of Service" attack on an ISP/company? Google has listing claiming that automated reports can be sent to Spamcop. Can they be as this would obviously allow such an attack to be mounted? Also you say that out of office replies generated by spam are treated as spam, this is a feature promoted by Microsoft and present on millions of exchange servers world wide. If I know that a company is using the system, or any automated email reply what is to stop me throwing spam at the account to get it on the spam list? Link to comment Share on other sites More sharing options...
Miss Betsy Posted June 8, 2006 Share Posted June 8, 2006 I fully understand Noddys frustration as I am currently in the situation of having vital emails bounced because my ISPs mail servers have been listed. It is highly frustrating and very hard for me as an ICT director to explain to my end users who are currently beating down my door and will be for the next 16 hours at least. You are remaining pretty calm in your post, though! Having read through all of this posting and hopefuly having understood the technicals, (Excuse me if I haven't, but it is a steep learning curve when you suddenly find yourself blocked.) has raised the following questions, I am not a server admin, but there are lots of them here who may not treat you like a 'customer' but have lots of experience and information to give you if you are still willing to listen. Can SpamCop lists (which allthough you say they are not block lists are regularly used as such) be used to mount a malicious "partial Denial of Service" attack on an ISP/company? Google has listing claiming that automated reports can be sent to Spamcop. Can they be as this would obviously allow such an attack to be mounted? No. Although the blocklist is automatic, IP addresses can be delisted manually if there is any malicious use of spamcop. Spamcop administration is careful about safeguards. I don't think that it is technically possible either. Also you say that out of office replies generated by spam are treated as spam, this is a feature promoted by Microsoft and present on millions of exchange servers world wide. If I know that a company is using the system, or any automated email reply what is to stop me throwing spam at the account to get it on the spam list? Using Microsoft as an authority on what is good for the internet is not an argument that will fly here. Many server admins consider that Microsoft is the 'enemy' by selling those millions of exchange servers with all the problems they cause because of exploits, inadequate instruction, etc. There are ways to configure out of office replies so that they don't reply to spam - if you think that they are absolutely necessary. Another thing to take into consideration is that there are other blocklists out there (that don't expire automatically). They may be more conservative than spamcop, but if you continue to send email to spam traps sooner or later you will end up on their bls. You would be able to explain about an outage due to a backhoe to your customers. Blocklists (if you use the information to correct problems) are just one of those things that happens sometimes. Miss Betsy Link to comment Share on other sites More sharing options...
Farelf Posted June 8, 2006 Share Posted June 8, 2006 ... Can SpamCop lists (which allthough you say they are not block lists are regularly used as such) be used to mount a malicious "partial Denial of Service" attack on an ISP/company? Google has listing claiming that automated reports can be sent to Spamcop. Can they be as this would obviously allow such an attack to be mounted? Also you say that out of office replies generated by spam are treated as spam, this is a feature promoted by Microsoft and present on millions of exchange servers world wide. If I know that a company is using the system, or any automated email reply what is to stop me throwing spam at the account to get it on the spam list? The key to the whole thing is that it is the sending server address - like 217.37.208.57 as in 217.37.208.57 (host217-37-208-57.in-addr.btopenworld.com) - that gets listed, not the email address. The difference is that the server address can't be forged, email addresses are routinely forged. The frustration comes in when innocent ordinary users share a server with spammers - the whole server is blocked. Spamming is contrary to the Terms Of Service of the service providers, their admins need to enforce their TOS, SpamCop reacts quickly to give them early warning that there is a problem and if they get it fixed they can go for early de-listing. There are far sterner block lists around than the SCBL so timely response to SpamCop listing can save the far more serious grief which will follow lack of service provider attention to the early warnings. Anyone can register to become a SpamCop reporter but if they knowingly or incompetently report non-spam they will be suspended. The problem with out of office replies is when spam from a forged address is forwarded to someone using it then the spam gets bounced back to the innocent person whose address has been forged. Sometimes in great profusion, but most/many people would have put up with that - except the spammers also forge out of office replies as yet another device to stuff boxes. I've glossed over a few aspects there but that's faairly much the way I see it. Does it all make a bit more sense now? Link to comment Share on other sites More sharing options...
Stephen.Young Posted June 8, 2006 Share Posted June 8, 2006 Thank you Miss Betsy for the comment that I sound pretty calm. (Once you've hidden in the server room and baracaded the doors it's quite peaceful!!!!!) All you can do is sit and have a philosophical debate about the nature of spam, who is guilty, who is innocent etc. (for at least the next 12 hours or so until my ISP comes off the list) So before I go home (climbing out of the window to avoid users!!!) my final thought for the day is. The two posts after mine do seem to confirm that I have broadly speaking I do understand what is going on as regards blocking but it still leaves the following problem and it is that whatever I do as a user and even if I design the perfect email system, as a medium sized business I am reliant on on a shared mail server at an ISP. If another user or the ISP does something wrong I get my email system "nuked". I therefore wonder if the spam listing system as it stands is going to end up taking down more legimate users than spammers, and as the spammers don't give a $%*! as they simply move on to a new IP address you end up only really targeting the innocent and never really punishing the ones that every system admin across the globe would like to see behind bars. The other point is that one of the posts said don't do what Microsoft say. All well and good but here in the UK the largest percentage of companies numerically speaking are small in size, that means that they often don't have the technical expertise that your're suggesting in house and so have to go with what the software companies like MS say. Again innocent bystanders getting punished for simply trying to use email. Let me know your thoughts, and hey by tommorrow I MAY be able to email as well as post.... now where did I leave the rope for climbing out of the window!!!!!!!!!!!!!!!!!!! Link to comment Share on other sites More sharing options...
Telarin Posted June 8, 2006 Share Posted June 8, 2006 So before I go home (climbing out of the window to avoid users!!!) my final thought for the day is. Any well designed server room has a secret emergency exit for just such occassions even if I design the perfect email system, as a medium sized business I am reliant on on a shared mail server at an ISP. If another user or the ISP does something wrong I get my email system "nuked". Ok, in all seriousness, there is NO reason to be tied to your ISPs mail server. I have set up Exchange servers for businesses with as few as 8 employees. A product like Microsoft Small Business Server 2003 includes Exchange 2003 which is fairly decently configured off the shelf, Windows Server, SQL Server, and a myriad of other productivity tools that any business can make use of. Its not even horribly expensive. Even if something like SBS 2003 is out of buget, there are a number of mail server programs that will run on a free distro of linux and will cost you little or nothing out of pocket. I don't think anyone will argue that spamcop, or any blacklist for that matter is a perfect solution. However, it does help a lot. By using the SCBL in conjunction with other blocklists and filters, I reject more than 12,000 junk emails per day in a 35 user email system and RARELY have complaints of false positives. Its not so much a matter of simply "don't do what Microsoft says", its a matter of know what you are doing. Even Microsofts products can be configured securely and correctly, the problem is that they are so easy to use that it is not uncommon for people that have no clue at all to set up an Exchange server and just use the all the default settings. There are things you need to do to have a good Exchange configuration: Reject email to users that don't exist Add a couple blocklists to Connection filtering. Personally, I use the SCBL, Spamhaus, and several country lists to block most of Asia and Africa. Your needs may vary depending on where your customers are. All of your rejecting messages for blocklists should include the reason it is being rejected, the sending IP address, and some way to contact you that doesn't involve the filtering. Personally, I just have the postmaster account setup to bypass all of the blocklists and filters with a note in the message to the effect of "If you believe you have received this message in error, contact postmaster[at]mydomain.com". If a customer contacts me with problems, I can look at the headers of their email and whitelist their server if needed. Here in the office we do use out of office and vacation messages, but so little spam makes it through the filters, that they have NEVER caused a problem. Use IMF (built into Exchange 2003 SP2) for additional filtering of spam. It gives you the option to reject or filter messages into a Junk E-mail folder in outlook based on their "spamminess" and works very well to catch the few messages that make it by the blocklists. Remember, when running a business email system, it is MUCH better to reject a message outright and provide the sender with an error than to accept the message and have it get lost in someones Junk E-mail folder or inbox among 200+ pieces of spam. Not to mention the money you save on storage space and bandwidth by not handling all that garbage. Link to comment Share on other sites More sharing options...
turetzsr Posted June 8, 2006 Share Posted June 8, 2006 Thank you Miss Betsy for the comment that I sound pretty calm....It is, after all, true! <g> And your humor is also appreciated!<snip> ... whatever I do as a user and even if I design the perfect email system, as a medium sized business I am reliant on on a shared mail server at an ISP. If another user or the ISP does something wrong I get my email system "nuked". ...But not by SpamCop. SpamCop suggests that its BL be used to sort/filter incoming e-mail, not reject it. OTOH, if users of the SpamCop BL find that the savings from blocking e-mail from IP addresses that are on the SpamCop BL outweigh the disadvantages, they are free to use it in that manner. But that's their decision and not (directly) attributed to the BL.The other point is that one of the posts said don't do what Microsoft say....Not exactly -- it said (1) referring to Microsoft as an authority as to what to do with e-mails is questionable and (2) "[t]here are ways to configure out of office replies so that they don't reply to spam."All well and good but here in the UK the largest percentage of companies numerically speaking are small in size, that means that they often don't have the technical expertise that your're suggesting in house and so have to go with what the software companies like MS say. <snip> ...Just because a company is "small in size" does not prevent it from using best practices, even if those practices are different from those endorsed by Microsoft (although I doubt Microsoft would say that you shouldn't use them). ...Small companies are also disadvantaged when their supplies come in late because a truck was sitting in a traffic jam or because they can not get a bank loan at the same low rate as a large company. There are just some things smaller companies have to work out in order to compete effectively with their larger competitors. E-mail (in fact, a web presence, in general) is one of those. Link to comment Share on other sites More sharing options...
Miss Betsy Posted June 8, 2006 Share Posted June 8, 2006 The two posts after mine do seem to confirm that I have broadly speaking I do understand what is going on as regards blocking but it still leaves the following problem and it is that whatever I do as a user and even if I design the perfect email system, as a medium sized business I am reliant on on a shared mail server at an ISP. If another user or the ISP does something wrong I get my email system "nuked". I therefore wonder if the spam listing system as it stands is going to end up taking down more legimate users than spammers, and as the spammers don't give a $%*! as they simply move on to a new IP address you end up only really targeting the innocent and never really punishing the ones that every system admin across the globe would like to see behind bars. Doing business online is like doing business offline. If you choose a location that seems good for your family business, but then adult movies and other adult entertainment moves in around you, you are going to have to move because it is affecting your business. Shared servers are somewhat the same. There are places to get good email services (where the admins do not allow spammers). It may not be within your authority to change email services, but then that's not your fault, is it? Blocklists are the natural way to control spam on the internet and are widely used. There are no 'innocent' users any more; there are only ignorant users. (That may sound harsh, but now, at least, you know a lot more than you did the day before yesterday <g>). Someone gave you good advice about Microsoft. And, I don't know whether it would be practical or not, but your users can set up temporary hotmail accounts and send mail from them that would be accepted by the ISPs who are using spamcop bl to block. It's not a bad idea to have alternate methods in place in case something else happens not related to blocklists (like backhoes). Miss Betsy Link to comment Share on other sites More sharing options...
Wazoo Posted June 8, 2006 Share Posted June 8, 2006 The two posts after mine do seem to confirm that I have broadly speaking I do understand what is going on as regards blocking but it still leaves the following problem and it is that whatever I do as a user and even if I design the perfect email system, as a medium sized business I am reliant on on a shared mail server at an ISP. If another user or the ISP does something wrong I get my email system "nuked". Statement goes to the 'extreme' .. and not true at all. One must start with thre FAQ entry "What is on th List?" ... try the math and note that it isn't that "a user does something wrong" except in very rare cases. Once ipon a time, there was a 2% tipping rate that had to be exceeded. IF you'd have provided the IP address in question, some data could have been made available to flesh things out a bit .. but if one was to fo with the 'generic' shared host that is hjandling several 'small' companies, then say a traffic load of 10,000 e-mails a day may not be too much of an exaggeration. Using the old 2% point, it would take 200 e-mails sent to people that chose to use the SpamCop Parsing & Reporting system and actually took the time to report those 'bad' e-mails to even think about getting the IP address listed. In that scenario, the IP address "owner" would have received 200 reports of problem e-mai coming from that server. Shouldn't that be enough of a wake-up call that something is going on? OK, ISP ignored the reports, more 'bad' e-mail went out in a large enough proportion to keep the IP address listed ... the "total" impact of that listing is only seen when omeone using that outgoing e-mail server to try to send e-mail to an ISP that is using the BL in a "blocking" mode. Again, imaginary numbers .. less than 50% of the world's ISP use the SpamCopDNSBL, less than 50% of those use it in a "blocking" mode ... a portion of those "blocking" ISPs offer their users a whitelist capability .... that leaves an awful lot of ISPs left in the world that would receive that outgoing e-mail with no problem. Not quite matching the "nuked" description. I therefore wonder if the spam listing system as it stands is going to end up taking down more legimate users than spammers, and as the spammers don't give a $%*! as they simply move on to a new IP address you end up only really targeting the innocent and never really punishing the ones that every system admin across the globe would like to see behind bars. For the math, see the above. For what actually gets 'blocked' ... that starts with an e-mail server that wasn't under management, and the receiving ISP that made a decision to implement variosu tools in a particular fashion. Once again, that does not seem to equate to 100% "blockage" .... The other point is that one of the posts said don't do what Microsoft say. All well and good but here in the UK the largest percentage of companies numerically speaking are small in size, that means that they often don't have the technical expertise that your're suggesting in house and so have to go with what the software companies like MS say. Again innocent bystanders getting punished for simply trying to use email. Innocent bystanders? Yes to a point. What is missing is that they are paying good money to someone else that is supposed to be providing those services and expertise .... in a lot of the discussions seen here, the amount paid and services rendered don't quite line up .... or then again, one could remember that silly phrase "you get what you pay for" ...???? (though in this particular instance, you are getting a lot of stuff offered up for basically nothing 'here' by the gracious folks volunteering their time and expertise) Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.