 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
John Chambers wrote: > That has been reported frequently by people with dynamic IPs. The > explanation is usually that someone using that address once got > infected by a spambot, and their address was added to the spam lists. > Then the ISP shuffles the addresses around, but the address stays > listed as a previous spam source. Since it's almost impossible to get > off such a list, the fraction of the IP addresses listed as spam > sources is slowly growing. > I've heard a different explanation. For many ISPs, especially cable/broadband, there is a huge percentage of end-users on unpatched/unprotected Windows boxes who are either infected or will be infected soon. For the most part, dynamic IPs at these ISPs indicate end-user-level machines and operators. Some spam list providers have gathered (sometimes with ISP help) the dynamic ranges for each of these ISPs and some mail server operators use these lists to block mail directly from dynamic IPs. I've done this myself; interestingly, specifically from Comcast as they don't seem to handle the abuse reports at all. There was one Comcast IP, for example, that kept trying to hammer my mail server - for about 5 months. I'd send weekly summaries to the Comcast Abuse department, with no response. While I was blocking the IP as a matter of course at the mail server level, eventually I just dropped it into my firewall. Eventually they stopped. I am with RCN, and I do have a dynamic IP. They do block outbound port 25 with a destination outside their network; if Comcast had done that then most of the spam I saw from their space would have been eliminated. I smarthost through the RCN mail servers; if/when I get a static IP I won't need to do that. -Don -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. _______________________________________________ Discuss mailing list [hidden email] http://lists.blu.org/mailman/listinfo/discuss
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
