Much of spam identifying, filtering, and blocking is based on the
sending reputation of an IP address.
Right. And IP addresses are a LOUSY way to base that, for a whole
variety of reasons.
Statistically speaking, this appears to be simply false, possibly
except in an "it's the worst way around, except for all the others"
sense.
Even in your case, it worked very well, it seems to me. It alerted the
subject company to at least three major problems[%], at no greater cost
than a few days' disruption of their email traffic.
[%] (1) That they were running malware propagation systems on their
inhouse computers; (2) that their network was set up such that the
resulting infections could spew; and (3) that they didn't have
proper expertise to deal with it (you implied that your involvement
with them will go up sharply because of this, so hopefully this
last, at least, is now alleviated).
/~\ The ASCII der Mouse
\ / Ribbon Campaign
X Against HTML
mouse(_at_)rodents(_dot_)montreal(_dot_)qc(_dot_)ca
/ \ Email! 7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg