[Novalug] Tangent - Re: Aggressive Spam Rejection with Postfix
David A. Cafaro
dac@cafaro.net
Mon Mar 3 15:44:29 EST 2008
Actually, I have had similar experience in the past.
Though I have my own colocated server, the IP address I was given
happened to once belong to a known spammer (who thankfully went out
of business because of being blocked and loosing lawsuits). Anyways,
in the process of transitioning the IP address to a new owner it was
necessary to briefly turn on the old email/dns servers of the spammer
to allow an IANA confirmation email to go through to complete the
sale. Spamhaus detected those servers being on and immediately
listed the entire IP range, without a single spam having been sent.
To make this more fun I happened to be on vacation and this happened
on a Friday afternoon (the listing going into effect).
Spamhaus has a habit of shoot first ask questions later. And often
the questions aren't asked till MUCH later (even after repeated
emails). Needless to say they eventually responded and by the
beginning of the next week the IPs were off the list. To deal with
the delay my ISP was nice enough to issue me another temp IP address
to move my mail service to while we waited for Spamhaus to get back
from their weekend break.
Now, do I still use Spamhuas to block spam on my own server? Yes.
Why after that experience would I? 'cause if I don't it's a lot LOT
worse. It's a necessary evil. Your screwed if you do and more
screwed if you don't. Most of the time I have not had problems, and
none of my clients have complained about bounced emails not being
delivered to them (most of them have multiple email accounts for
their clients to contact them, just because their email junkies).
So, Roger is right, be careful and be forewarned.
-David
On Mar 3, 2008, at 3:27 PM, rogerb@bronord.com wrote:
> Spamhaus - All the talk about spam fighting bring me to this: many
> major
> domains for my email correspondents appear to have blocked email
> originating
> from the smtp server that is used by the webmail interface that I
> am using at
> this very moment - maintained by servage.net. Curiously, the server
> for my
> pop3 account is not blocked.
>
> Reviews of Spamhaus black lists, bounce messages, and
> correspondence with my
> provider indicated that there may have been a spammer(s?) using the
> server.
> The result of this is emails to friends at Eartlink, Verizon,
> Comcast, at&t
> net, are bounced.
>
> My service provider claims they have corresponded with Spamhaus to
> no avail, I
> tried myself and got no repsponse from Spamhaus. This makes me
> doubt the
> goodness of their lists.
>
> The reason you are not getting spam may be that the dragnet is
> overly tight
> and you might miss valid incoming email too. That's speculation on
> my part.
>
> In my case, I'm locked into a contract and not about to move
> because of this
> problem - at least not until the contract is up.
>
> I wonder if anyone has better info / insight into this.
>
> --
> Roger W. Broseus
> Email: RogerB@bronord.com
> Web Site: www.bronord.com
>
> _______________________________________________
> Novalug mailing list
> Novalug@calypso.tux.org
> http://calypso.tux.org/cgi-bin/mailman/listinfo/novalug
David A. Cafaro <dac@cafaro.net>
Cafaro's Ramblings: www.cafaro.net
More information about the Novalug
mailing list