On Thu, Jun 10, 2004, Hallam-Baker, Phillip wrote:
[please don't send me a copy of mailing list replies]
I am talking to certain ISPs about technology that would assist in
tracking down zombies that is similar to MTAMARK. I have had some
very favorable responses.
I don't want to track down zombies. I want to block them.
I am unable to support MTAMARK because the present proposal is
incoherent. If I control an IP address I can block port 25, so why
would anyone implement a rube goldberg scheme that allows me
to say 'i should have blocked port 25 but did not'?
So why don't do they block access to port 25? Using DNS they can
delegate control, blocking it in their routers causes maintainance
problems (and maybe performance problems?)
According to some news reports it would simply cost them too much
money to deal with the support issues. Or to quote one ISP: "Spammers
are customers too". Maybe ISPs care only about inbound spam because
their customers complain, but outbound spam is "only" a problem for
someone else?
Ask the ISPs to do something coherent such as using the reverse
DNS to advertise contact addresses, abuse notification mechanisms,
Since when do ISPs do something about abuse reports? The most I get
is an auto-response when I tell them about spammers/abused machines
on their DSL/cable connections. Are there actually ISPs that cut
off infected machines? If so, why does 80% of the spam still come
from spam zombies?