Re: [Sheflug] Re: bounces

[Dave Mitchell <xxxxx [at] xxxxxxxxxxxxx>]

My, what a lot of twaddle is talked in those postings/emails below.

The way things work in the real world is that

(a) the IP address of the PC that originated the spam can usually be
traced. Some ISPs may then block this IP, but this is only a short-term
expedient, since it's usually a dialup account, whose IP gets assigned to a
different user each time. The best you can hope for is that the ISP who
owns the ISP can trace the use of the ISP to a particular customer and
ban him/her/it.

(b) The email may be relayed through some sucker's mail server which
hasn't got relaying filters set up. This will usually get reported to the
owner of that server, and if they don't take steps to disable relaying,
that server may be put on a blacklist (eg ORBS).

(c) ISPs who are known to actively support spam may find their entire
IP address ranges added to blacklists.

> -----------------------------------------------------------------------------
> Hi all, thought you might like to read these emails from abuse [at] zetnet.co.uk
> about the blacklisting and the way they appear to not know what their system
> admin are doing. I must say, in their defence, that it took a bit of courage
> on their part to actually admit it, so, hopefully a lesson learned, but I
> feel also that the comment that blueyonder's abuse dept are very slow to
> act, must be taken seriously, or I fear this type of thing is going to keep
> on happening.
> 
> So, do we know how spam can only come from one machine? As this saga has
> proved, you take a lottery on which machine passes your mail through. .
> Perhaps some heads need to get together on this one before a major problem
> occurs.
> So, below is the text of an email from abuse, followed by Paul Martin's
> message. Now I know all about the netiquette rules on emails, but as it is
> in response to an email to admin, and he chose to use his account, I see it
> as a valid thing. I will remove his email address though.
> 
> I have to say that I find it a little hard to believe that 'one' of blue
> yonder servers is on some kind of blacklist....So far as I am aware it is
> actually the ISP who has permitted abuse to actually be suspended as a
> whole. Certainly I have never heard of only 'one' server being reprimanded
> as it were!! It is beginning to sound to me as though you are being fed a
> bit of a line. As I said I have regular correspondence with other Blueyonder
> users who appear to be able to send and receive mail to all and sundry
> including Zetnet customers and staff.
> When we receive complaints from our customers with regard to abuse of email
> the ISP who has permitted the sending of such emails is contacted and
> reported. It is then up to the ISP to put their house in order and deal with
> the offending sender in such a way that those who control the blacklists are
> satisfied and the ISP is then removed from that list so far as I am aware.
> Certainly this is not something that we have any control over. We simply
> report the matter to those in authority and leave them to deal with things
> as they see fit.
> I personally have never heard of a server being placed on a blacklist. With
> regard to other ISP's doing things on a malicious basis I cannot comment on
> behalf of others. We take abuse seriously as we have no wish to have our
> customers leave us who are offended or affected by such things, and we have
> no desire to have our license revoked or to find ourselves on such
> blacklists. I'm not sure what you think that we can do with regard to
> blueyonder...it seems to me that the problem lies with them...as indeed it
> would seem that it always has.
> We are certainly not in the habit of causing problems for other ISP's -
> either maliciously or otherwise, intentional or accidental.
> 
> 
> Regards
> 
> Jules
> Zetnet Services Ltd
> Tel 01595 696697
> Fax 01595 696548
> 
> Then a bit later I got.... from Paul Martin.
> 
> I had blocked:
> 
> Name: pcow057o.blueyonder.co.uk
> Address: 195.188.53.94
> 
> as there was a lot of spam coming from that IP address, and Blueyonder
> didn't make any response to my emails to their abuse department.
> 
> I have unblocked it for the moment. However, it'll be blocked again if
> we see another torrent of spam from that IP address.
> 
> --
> Paul Martin..
> Brian here again,
> 
> So, what do people think? It is mighty strange that spam can be traced to
> just one machine, unless there is some kind of forging going on, I am not
> technical enough to know if someone can forge a mail machine's address or
> not.
> 
> As I said, I'd have thought that if it was a blue yonder customer, it would
> have  been distributed among their machines.
> 
> Brian very suspicious, terrier mode now off...
> 
> 
> 
> -- 
> \ Chris Johnson           \ NP: Various - A-Ha / The Sun Always Shines On t.
>  \ cej [at] nightwolf.org.uk    ~-----,  V. 
>   \ http://cej.nightwolf.org.uk/  ~-----------------------------------, 
>    \ Redclaw chat - http://redclaw.org.uk - telnet redclaw.org.uk 2000 \____
> 
> 
> ___________________________________________________________________
> 
> Sheffield Linux User's Group - http://www.sheflug.co.uk . 
> To unsubscribe from this list send mail to 
> shef-lug-request [at] list.sheflug.org.uk with the word
> "unsubscribe" in the body of the message. 
> 
>   GNU the choice of a complete generation.

___________________________________________________________________

Sheffield Linux User's Group - http://www.sheflug.co.uk . 
To unsubscribe from this list send mail to 
shef-lug-request@list.sheflug.org.uk with the word
"unsubscribe" in the body of the message. 

  GNU the choice of a complete generation.