North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: SMTP relaying policies for Commercial ISP customers...?

  • From: Andy Dills
  • Date: Fri Feb 13 17:23:53 2004

On Fri, 13 Feb 2004, Leo Vegoda wrote:

> You wrote:
> [...]
> > Yes, that is a little bit stickier of an issue, IFF your goal is to
> > somehow continue to provide the would-be spammer with the ability to send
> > traffic to the net, provided it doesn't transit your mail server. I feel
> > that you're overlooking the simple solution. Blocking the entire account
> > so they can't access anything is the proper response to a spamming
> > incident.
> If you block the entire account then the user can't use the account
> to download the updates your Abuse Team will responsibly want to
> point him/her at. If you want to lose the customer then that's your
> business. If you want to keep the customer, helping them fix their
> mistakes is probably a painful and thankless task - but important
> and useful to the whole Internet community.

RFC1918 is your friend, as is making internal copies of windowsupdate
patches and virus removal tools.

But even then, I would block 100% of access until we establish customer
contact and are sure that the issue will be dealt with. Then, I would
re-enable them on RFC1918 space, assist them in rectifying their problem,
and then re-enable the rest of their account.

This doesn't result in lost customers. This results in appreciative
customers, even if they were blocked when they had the problem. If you
don't block them, most people will never know until they've spewed gigs.


Andy Dills
Xecunet, Inc.