spf-discuss
[Top] [All Lists]

RE: Some thoughts about spam and SPF

2004-08-23 11:42:39
From: guy
Sent: Monday, August 23, 2004 1:01 PM


You said:
"That way, there are no additional MTA's listed with "?"."

Some of us must use the ISPs mail servers.  My IP address is
blacklisted because it is using DHCP.  I had been doing my
own email for years, until dnsbl.sorbs.net (and others)
blacklisted my IP address.  I wonder if a "cease and
desist" letter would help?

It wouldn't help and it shouldn't.  Letting people run mail servers on
dynamic IP lines was a luxury you experienced due to lax administration.
Now that every worm-ridden PC on their network can and does spew out of
port 25, SORBS and others have accomplished what your provider should
have done years ago:  block all of it.  The fact that you know what
you're doing and 99.9% of the rest of the folks with that class of
connection don't may be little consolation, but that class of line was
never meant to run servers on.  Since your provider is not responsibly
managing their network, SORBS and others have given the rest of the net
a means to protect themselves from the steady bombardment coming from
those trojaned boxes.  Basically, Comcast saves money by not having to
administer their network and SORBS just tells everyone else the IP
ranges that Comcast can't be bothered to manage.  If anyone is served a
cease and desist order it ought to be Comcast, along with a bill for the
bandwidth and time they've cost everyone else due to negligence.  When I
see how AOL was able to take control of their own network and run it
responsibly, I can't say that I have a lot of sympathy for Comcast when
they claim it would be too expensive.

Depending on who your provider is and what your choices are, a static IP
may not be that much more expensive and will let you be responsible for
your own setup again.


So, for camcast.net users at least, you are daydreaming.

Oh, back to DHCP.  My IP address does not get changed very
often, maybe once
a year.  If comcast did DHCP correctly, it would never
change.  The last
time was related to a power failure caused by a large storm
in my area.
Since I am able to re-boot and keep my IP address, I assume the power
failure effected comcast's DHCP server.

Now if MTA's would ignore dnsbl.sorbs.net when SPF records validate a
domain, I would be able to stop using the comcast servers.

If most MTA's stopped blocking dynamic IP lines, particularly those
belonging to Comcast, all of our mailboxes would be overflowing with
spam, worms and viruses.  That's not going to happen because other ISP's
customers won't put up with it.  I'm sorry if I come off hard-nosed on
this, but Comcast and their ilk are probably contributing 3/4 of the
spam volume we see today through their network of zombies.  Russian
virus writers are probably exercising more control over Comcast customer
machines than Comcast.

--

Seth Goodman