North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Re: The worst abuse e-mail ever, sverige.net
on Tue, Sep 21, 2004 at 11:00:53AM -0600, james edwards wrote: > > > Sheesh. Get over /yourself/. Your network is rude by its very existence, > > if it lets spammers relay crud by way of it. Your own arrogance in > > thinking it's not your problem to fix is astounding. > > I did no say it is not my problem, we have a 10 year history of being > very pro-active for all abuse issues and have a dedicated staff person > to deal with these issues. OK, then, perhaps you can explain why I have received backscatter from web.cybermesa.com [220.127.116.11] or why even though I got spam from sf-du170.cybermesa.com [18.104.22.168] back in October 2001, and from sf-du201.cybermesa.com [22.214.171.124] in February 2002, you still haven't blocked outbound port 25 traffic from those obviously vulnerable hosts? http://groups.google.com/groups?num=50&hl=en&lr=&ie=UTF-8&newwindow=1&safe=off&c2coff=1&q=group%3Anews.admin.net-abuse.*+cybermesa.com&btnG=Search Looks like you've got an ongoing problem with those dialup ranges. > Slaming my mail admin because a dial up user has a virus is rude, > period. Nope. Sorry. Emitting spam/viruses or backscatter even though you know you (or your users) have a problem, expecting everyone else to block your network, and whining when someone has the gall to call you on it - that's rude. Of course, it's pretty common, but that doesn't make it any less rude. > Our dial up address space is listed, if people choose to block mail > from that space. I'm curious - where is it listed? I don't see anything on your Web site that even suggests a place to go looking for abuse/helpdesk/support info. Much less a banner inviting more responsible mail admins to block your listed netblocks.... Will a regex of [a-z]+[0-9]*\-du[0-9]+\.cybermesa\.com block all of your dialup ranges by rDNS? What about your DSL and ISDN ranges? How are they named? Consistently, I hope. And of course I also hope they resolve back-and-forwards to the IP, so spam/viruses don't squeak through sendmail due to being "possibly forged". Why aren't they named so that sendmail and other MTAs can block your dynamic ranges by RHS in access.db, instead of having to use regexes? Hint: blah-1-2.dynamic.cybermesa.com or blah-3.4.dialup.cybermesa.com or foo-5-6-7-8.dsl.cybermesa.com makes this much less annoying and difficult, and conveys the same information as sf-du120.cybermesa.com. I apologize if I offended you personally, I intended to do it professioanlly. Steve -- join us! http://hesketh.com/about/careers/web_designer.html join us! hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2554 w: http://hesketh.com join us! http://hesketh.com/about/careers/account_manager.html join us!