North American Network Operators Group|
Date Prev | Date Next |
Date Index |
Thread Index |
Author Index |
Re: ISP wants to stop outgoing web based spam
- From: Hank Nussbacher
- Date: Thu Aug 10 15:50:45 2006
On Thu, 10 Aug 2006, Peter Corlett wrote:
On 10 Aug 2006, at 19:12, Hank Nussbacher wrote:
I'll answer on-list since this answer can benefit others. The primary
reason that the ISP wants to block outbound webmail spam is because the
100s of BLs on the Internet end up blocking large segments of the IP space
due to spam reporting by end users. The spammer can end up "burning" quite
a few IPs before the feedback loop of user->spam report->BL->ISP->block is
completed. Therefore the ISP wants to be proactive and shut off the spam
before it even starts. Even if it means losing revenue.
This seems to imply that you're using dynamic addressing.
Not in the least. Every downstream customer is assigned a small range of
static IPs. Some get 8 IPs. Over the course of a month, the spammer
would walk into the cybercafe and "burn" a different IP each time until
every PC in the small cybercafe would be non-functional. And we have gone
through all the administrative ideas for combating this. No need to
review that. Been there. Done that. Lots of times. If you have some
technological solution - then please post so all can benefit. If you have
nice ideas, or thoughts, please spare the N:I ratio and end this thread.
The rather obvious solution would seem to be that you provide static
addressing. It also makes it rather easier to identify the spammer when the
complaints come in since you won't need to grovel through your RADIUS logs.