ISP wants to stop outgoing web based spam
Hank Nussbacher
hank at efes.iucc.ac.il
Thu Aug 10 19:50:23 UTC 2006
On Thu, 10 Aug 2006, Peter Corlett wrote:
>
> On 10 Aug 2006, at 19:12, Hank Nussbacher wrote:
>> I'll answer on-list since this answer can benefit others. The primary
>> reason that the ISP wants to block outbound webmail spam is because the
>> 100s of BLs on the Internet end up blocking large segments of the IP space
>> due to spam reporting by end users. The spammer can end up "burning" quite
>> a few IPs before the feedback loop of user->spam report->BL->ISP->block is
>> completed. Therefore the ISP wants to be proactive and shut off the spam
>> before it even starts. Even if it means losing revenue.
>
> This seems to imply that you're using dynamic addressing.
Not in the least. Every downstream customer is assigned a small range of
static IPs. Some get 8 IPs. Over the course of a month, the spammer
would walk into the cybercafe and "burn" a different IP each time until
every PC in the small cybercafe would be non-functional. And we have gone
through all the administrative ideas for combating this. No need to
review that. Been there. Done that. Lots of times. If you have some
technological solution - then please post so all can benefit. If you have
nice ideas, or thoughts, please spare the N:I ratio and end this thread.
-Hank Nussbacher
http://www.interall.co.il
>
> The rather obvious solution would seem to be that you provide static
> addressing. It also makes it rather easier to identify the spammer when the
> complaints come in since you won't need to grovel through your RADIUS logs.
>
>
More information about the NANOG
mailing list