North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Abuse procedures... Reality Checks

  • From: Kradorex Xeron
  • Date: Thu Apr 12 14:15:29 2007

On Thursday 12 April 2007 06:14, Fernando André wrote:
> Citando Frank Bulk <[email protected]>:
> " but imagine how much work it
> > would save their abuse department in the long run"
> I think that Comcast trouble isn't has much has the company's affected I
> keep the idea that the best is to rate limit incoming connections and a lot
> of filtering to prevent the spam flood and keep hardware costs Low.
> Placing the filtering on the user will make the user cry a lot against
> the ISP,
> change ISP and keep the problem. They really don't care about their
> computer.

Agreed - 90-98% of end users could care less about their computer security, no 
matter who makes them look at the problem, they just "want to chat with aunt 
{lilly|mary|other} in God knows where" or to "close that business deal in New 
York", They don't want to bother with ports, IP, firewalls, etc, and I don't 
think that will change easily.

And as said previously, the person will ignore their ISP and cancel and move 
to another SP if the ISP hassles them with blocking their email, stopping 
certain apps, etc.

This isn't only a spam problem. it's also a problem with personal machines 
getting botnetted, virus'd, trojan'd over and over and over again.

Why? There's simply no end-user accountability.

> By using rate limit on incoming connections a lot of dynamic address's are
> blocked.
> "Additionally, upper management gives or takes away manpower many times
> without
> the understanding of what 'should' be done to be a good netizen and this
> defines how much effort can be spent on fixing the problems. "
> This is the biggest problem "upper management" really doesn't care and
> the time
> to use on this problems is not accounted.

Agreed again - Upper management business-types that are not involved in the 
actual operations of their businesses are most of the time not clueful enough 
to realize the problems, no matter how many times people explain it to them, 
they simply only see if it's making them money.

> So controlling the number of messages that leave your SMTP server is a
> solution
> and PBL from spamhaus is a good thing ! SPF also good but will lead to
> complains
> ( tuff )
> Blocking tcp destination port 25 to outside the network might work well
> on small
>   and without concurrent ISP, on big ones I doubt it.
> ------------------------------------------------------------
> Fernando Ribeiro
> ------------------------------------------------------------
> ----------------------------------------------------------------
> - Tvtel Comunicações S.A.