Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Linux Links | Bling | About BLU

BLU Discuss list archive


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Anti-recommendation: Comcast.



 John Chambers wrote: 

> That has been reported frequently by people with  dynamic  IPs.   The 
> explanation  is  usually  that  someone  using  that address once got 
> infected by a spambot, and their address was added to the spam lists. 
> Then  the  ISP  shuffles  the addresses around, but the address stays 
> listed as a previous spam source. Since it's almost impossible to get 
> off  such  a  list,  the  fraction of the IP addresses listed as spam 
> sources is slowly growing. 
> 
I've heard a different explanation. 
For many ISPs, especially cable/broadband, there is a huge percentage of 
end-users on unpatched/unprotected Windows boxes who are either infected 
or will be infected soon.  For the most part, dynamic IPs at these ISPs 
indicate end-user-level machines and operators.  Some spam list 
providers have gathered (sometimes with ISP help) the dynamic ranges for 
each of these ISPs and some mail server operators use these lists to 
block mail directly from dynamic IPs.  I've done this myself; 
interestingly, specifically from Comcast as they don't seem to handle 
the abuse reports at all.  There was one Comcast IP, for example, that 
kept trying to hammer my mail server - for about 5 months.  I'd send 
weekly summaries to the Comcast Abuse department, with no response. 
While I was blocking the IP as a matter of course at the mail server 
level, eventually I just dropped it into my firewall.  Eventually they 
stopped. 

I am with RCN, and I do have a dynamic IP.  They do block outbound port 
25 with a destination outside their network; if Comcast had done that 
then most of the spam I saw from their space would have been eliminated. 
  I smarthost through the RCN mail servers; if/when I get a static IP I 
won't need to do that. 

  -Don 

-- 
This message has been scanned for viruses and 
dangerous content by MailScanner, and is 
believed to be clean. 

_______________________________________________ 
Discuss mailing list 
[hidden email] 
http://lists.blu.org/mailman/listinfo/discuss
 


BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!



Boston Linux & Unix / webmaster@blu.org