Why Blacklisting Spammers Is A Bad Idea 396
Roland Piquepaille writes "For the last two months, an eternity in Internet time, I was unable to reach -- and to contribute to -- Smart Mobs, the collective blogging effort around the next social revolution initiated by Howard Rheingold. Why that? Because an unknown customer of Verio decided it was a spamming site and asked the company to blacklist the site. Verio complied -- probably without even checking it -- and my problems started. It took me dozens of e-mails and phone calls and two visits to the headquarters of my french ISP, Noos, to fix the situation. More about this horror story is available here."
Re:Run your own mail server on your own domain (Score:5, Informative)
That's what I'd call costumer care... (Score:5, Informative)
Quoting from the article:
Maybe it is a good time to change ISP?
Re:My own slashdot horror story... (Score:1, Informative)
Eventually, I was issued a new IP address from earthlink"
And you couldn't manually request a new DHCP address because... ?
Details? (Score:3, Informative)
Of course, in one case a company did provide extensive details that, when looked into, showed that their listing was perfectly justified.
Re:My own slashdot horror story... (Score:2, Informative)
Back when they issued CybrSurfr cable modems, the DHCP server assigned you an IP based upon the MAC address of your NIC. If you wanted a new IP, all you had to do was ifconfig yourself a new MAC, do a network restart, and voila... Brand new IP, usually in a totally different
Now, they've migrated everyone to SurfBoard 4x00 series modems. DHCP assigns an IP to the modem based upon its HFC MAC, not based upon your NIC's MAC. As best I can tell - believe me I've tried - there is no way to change the MAC of the modem, at least not without physical tampering. Unless the DHCP server itself is rebooted, or runs out of IPs to assign and needs to cycle through, you WILL get the same IP every time on the SurfBoard 4x00's. When I had a 5-day outage over the summer, after the connection was fixed I came back up with the same IP.
In other words, short of getting a different modem, it's nearly impossible to proactively request a new DHCP lease with a new IP.
Re:Improperly done blacklist (Score:4, Informative)
Verio = SBF (Spammer's Best Friend) (Score:4, Informative)
Check for yourself: Verio's Listing
I use blackholes.us [blackholes.us] to block (port 25) entire countries (cn, kr, tw) and ISPs (Verio, interbusiness.it...) that do not qualify (in my standards) for connecting to my mailserver.
NSG
This stuff is PROBABILISTIC, people! (Score:1, Informative)
Re:Pot/Kettle (Score:0, Informative)
Re:My own slashdot horror story... (Score:4, Informative)
He probably could, but unfortunately he'll probably get the same IP address. From the RFC:
Bummer, dood.Comment removed (Score:2, Informative)
Re:Had the same problem.. (Score:1, Informative)
Which have been published in alt.2600.....
Blacklist=BAD Bayesian=GOOD (Score:1, Informative)
free markets (Score:1, Informative)
Re:Spamcop (Score:1, Informative)
Re:Improperly done blacklist (Score:1, Informative)
Actually, within the past couple of weeks AOL has started blocking all inbound e-mails that do not have a valid DNS reverse lookup. This certainly includes most dynamic ip addresses but could also include static IP addresses. (This was specifically done to reduce the volume of spam.)
Re:The replies (Score:3, Informative)
It frustrates me that the http proxy:
1. Didn't warn me that this was an issue upon install
2. **Allowed this to happen at all**
I have submitted a bug to the developers. This is a known issue, though I'd never heard of it before, nor had 2/3rds of my geek (professional programmers, recreational sysadmins - which describes myself as well) friends. If http proxies blocked all requests (or at least PUTs) to localhost/127.0.0.1 and all know network interfaces on the local machine, this kind of thing either wouldn't be a problem, or would be much less a problem.
Again, pot - kettle - black. Still, good software wouldn't allow this kind of thing in the first place, and recreational sysadmins wouldn't have to worry so much.
Finally, as I'll mention in another thread, I only discovered I was an open relay when my DSL line acted up (total "lucky" coincidence) and I did a lot of investigation on the server. I discovered a huge email queue (which I nuked) and lots of RBL delivery rejections in the mail log. If they had sent ONE message to root@[my ip address] I'd have found out immediately and shut it down within a day.