Re: [exim] automatically blacklisting clients that fail SMTP…

Top Page
Delete this message
Reply to this message
Author: Chris Wilson
Date:  
To: WJCarpenter
CC: exim-users
Subject: Re: [exim] automatically blacklisting clients that fail SMTP authentication
Hi all,

On Fri, 10 Jun 2011, WJCarpenter wrote:

>> Once in my practice I've met an ISP who blocked their client, and when
>> he contacted call-center he was told "Your account was suspended,
>> because your computer is heavily infected. Please clean it up, send us
>> a list of viruses you've identified there, and we will renew your
>> account".
>
> Comcast (big US cable ISP) does something like this. I experienced it
> firsthand when a house-guest had an infected laptop. Comcast applied
> filtering to outbound port 25. They then sent me an email explaining
> that they had detected spam from my location, suggested ways to check
> all my PCs for malware (Comcast also provides a free Norton security
> suite to all customers), and told me how I could get port 25 unblocked.
>
> I thought that was remarkably cool: proactive and fair.


It's a nice idea, but it doesn't seem to be working well for Comcast.
They made it onto my local blacklist a long time ago, in July 2008:

drop hosts = 75.144.0.0/13 : 70.88.0.0/13 : 173.8.0.0/13
         message = Local blacklist of COMCAST
         # spectrum uniforms spam, 080703
         # 419 spam, RO, 090409
         # chinese spam, US, 100913
         # unreadable spam, US, 110112


And I've dropped 451 spams from them to a single IP in the last two years.

Cheers, Chris.
-- 
_____ __     _
\  __/ / ,__(_)_  | Chris Wilson <chris+sig@???> Cambs UK |
/ (_/ ,\/ _/ /_ \ | Security/C/C++/Java/Ruby/Perl/SQL Developer |
\__/_/_/_//_/___/ | We are GNU : free your mind & your software |