On 25/06/2010, at 4:05 PM, Joe Abley wrote:
My impression from those who spend much of their time
with this stuff is that the right thing is to authenticate your users and check each
outbound message against a useful set of heuristics to avoid spam being relayed by your
servers. "The client address is in a blacklist" by itself does not sound like a
useful set of heuristics, to me (as you have discovered).
Whilst it might be expedient to refuse connections from anonymous people in the Internet
based on something as crude as "client address is in a blacklist", in the case
of an authenticated user it seems far better to let them connect and deal with any
apparent infection they have (drop mail, proactive phone call, whatever fits the budget)
than it does to refuse to talk to them. The latter is almost guaranteed to cost you money
in your helpdesk budget.
That's the very reason that many people do it - to get the phone call so they can
educate the customer, protect their service and reputation and generally make the Internet
a better place. Money is not the major motivation for most who take this war seriously.
If the public
connection is not actively managed, including receiving and responding to notifications
then yes I imagine it will quickly be listed. But if someone there is paying attention
then they should be able to pick on any listing and sort it out. I've done that many
times in the past and it is not complicated.
Cleaning up public hotspots as spam sources sounds very much like whack-a-mole, even more
so in a place where it's near guaranteed that the spam sources will have left the
country by the time you try to follow up :-)
It's not the spam sources that you follow up but the RBLs - educate them as to your
network and business and they treat you better. Network operators cannot ignore what
happens on their network and the effects of that traffic.
PS I'm pretty sure we've spent a week in the same conference centre on the wrong
side of the world and I never bumped into you once!
.nz Registry Services (New Zealand Domain Name Registry Limited)
desk: +64 4 931 6977
mobile: +64 21 678840