Re: My two cents

7 views
Skip to first unread message
Message has been deleted

Paul Herring

unread,
Nov 23, 2009, 5:03:19 AM11/23/09
to reca...@googlegroups.com
On Mon, Nov 23, 2009 at 9:46 AM, hunt <peter...@citizensadvice.org.uk> wrote:
> This may be a stupid suggestion, but why not block all known spam IP
> address at the Web Server or Firewall level, if these machines cant
> access your server they can't send spam, am I right?
>
> if you do not have access to the server management console ask your
> administrator.

There are packages out there that will do this for you, however the
problem with this is that not all spam IP addresses are known.


--
PJH

http://shabbleland.myminicity.com/
http://www.chavgangs.com/register.php?referer=9375
http://www.kongregate.com/?referrer=Shabble

Squeak

unread,
Nov 23, 2009, 5:45:43 AM11/23/09
to reCAPTCHA
All well and good banning known spam IP addresses, but what about
those of us who are on shared IP addresses, therefore if someone else
starts using that IP for spamming purposes then the ones on that IP
who don't spam get punished as well. Not really that fair is it.
Some people who send spam do on "sleeping" computers, so those fools
who leave there computer on all the time, even when the user is
sleeping, it is my understanding that a spammer could access that
computer if the correct software is installed without the users
knowledge, they can then send out spam without even affecting the IP
they are using

On Nov 23, 9:03 pm, Paul Herring <pauljherr...@gmail.com> wrote:

Paul Herring

unread,
Nov 23, 2009, 5:55:07 AM11/23/09
to reca...@googlegroups.com
On Mon, Nov 23, 2009 at 10:45 AM, Squeak <ga...@garyfoster.net> wrote:
> On Nov 23, 9:03 pm, Paul Herring <pauljherr...@gmail.com> wrote:
>> On Mon, Nov 23, 2009 at 9:46 AM, hunt <peter.h...@citizensadvice.org.uk> wrote:
>> > This may be a stupid suggestion, but why not block all known spam IP
>> > address at the Web Server or Firewall level, if these machines cant
>> > access your server they can't send spam, am I right?
>>
>> > if you do not have access to the server management console ask your
>> > administrator.
>>
>> There are packages out there that will do this for you, however the
>> problem with this is that not all spam IP addresses are known.
>
> All well and good banning known spam IP addresses, but what about
> those of us who are on shared IP addresses, therefore if someone else
> starts using that IP for spamming purposes then the ones on that IP
> who don't spam get punished as well.  Not really that fair is it.

I disagree. It's entirely fair.

If you're using a provider/network that hosts a spammer, it's more of
an incentive either for your sysadmins to sort the spammer out for the
benefit of their other customers such as yourself, or for you to
obtain a service from a provider that isn't quite so accepting of
spammers.

Note that IP's get on these lists for sending huge quantities of spam,
not just one or two messages.

> Some people who send spam do on "sleeping" computers, so those fools
> who leave there computer on all the time, even when the user is
> sleeping, it is my understanding that a spammer could access that
> computer if the correct software is installed without the users
> knowledge, they can then send out spam without even affecting the IP
> they are using

Those pieces of 'software' are typically called trojan horses and
viruses, and again, if your provider/network sysadmins are blithely
allowing compromised computers on their networks without attempting to
do anything about it to the point where their network is becoming a
problem to others, then it's time to move provider/complain to your
sysadmin

Squeak

unread,
Nov 23, 2009, 6:41:18 AM11/23/09
to reCAPTCHA
In the past my domain has been used for spamming purposes, I didn't
spam anyone, the spammers just used it. I have received spam email
from "Verizon", "Facebook" the owners of the domain don't know that
there domain is being used, and there is little they can do to stop
it.

Regarding my IP's if you look at Australia, unless you are in one of
the capital cities, you only have the option of one service provider,
not very good is it. Why is it OK to just say, right we are getting a
lot of spam from Pig Pond, let's disable that network from gaining
access to my website.

Paul Herring

unread,
Nov 23, 2009, 7:00:57 AM11/23/09
to reca...@googlegroups.com
On Mon, Nov 23, 2009 at 11:41 AM, Squeak <ga...@garyfoster.net> wrote:

> Why is it OK to just say, right we are getting a
> lot of spam from Pig Pond, let's disable that network from gaining
> access to my website.

Why is it alright to simply accept that Pig Pond is sending spam and
not bother doing anything about it?

hunt

unread,
Nov 23, 2009, 7:08:57 AM11/23/09
to reCAPTCHA
I have to agree with Paul, it is absolutely fair.

One infected PC will infect others so why have it on your network.

I have referenced incoming SPAM IP addresses with those list over at
http://www.botscout.com/ and these address seem to be spam farms,
therefore I doubt any lonely user is being affected by IP blocking.

Squeak

unread,
Nov 23, 2009, 7:42:59 AM11/23/09
to reCAPTCHA
Sorry that should have been big pond. But lets say, someone in Africa
hi-jacks a computer that has been left on by the user and has gone
away. The hi-jacker can send spam through that computer. Big pond is
the only ISP that serves 99% of the population of Australia, why
should the majority be punished because someone didn't switch there
computer off. It's all well and good saying use a different provide,
but in Aus this is not exactly an easy thing to do, especially those
who live in the bush. How do they hi-jack it, they download a piece
of software onto your computer when you visit a site. How much
spyware do you have on your computer, most people have some. This is
the same principle, the software is installed without the users
knowledge, nothing the user can do, not much, apart from barring the
site and ISP can do. If you find a site with this kind of thing on
it, Google normally warns you, but it is still up to the user if they
want to visit, they don't actually stop them from entering the site.

I'm not saying that big pond shouldn't do something about it, I just
think that it is a bit harsh to ban everyone that uses a provider.
I'm not saying big pond has a lot of spam, this is just the only
example of a service which has a monopoly over the majority of a
country, I am sure there are others. If one route is closed down,
then I'm sure the spammers will go down another route.

On Nov 23, 11:08 pm, hunt <peter.h...@citizensadvice.org.uk> wrote:
> I have to agree with Paul, it is absolutely fair.
>
> One infected PC will infect others so why have it on your network.
>
> I have referenced incoming SPAM IP addresses with those list over athttp://www.botscout.com/and these address seem to be spam farms,

Paul Herring

unread,
Nov 23, 2009, 7:49:35 AM11/23/09
to reca...@googlegroups.com
On Mon, Nov 23, 2009 at 12:42 PM, Squeak <ga...@garyfoster.net> wrote:
> Big pond is
> the only ISP that serves 99% of the population of Australia, why
> should the majority be punished because someone didn't switch there
> computer off.  It's all well and good saying use a different provide,
> but in Aus this is not exactly an easy thing to do, especially those
> who live in the bush.

Ok, so the other option, which I did point out at the beginning, is to
speak with your sysadmin to get the rogue computer off the network, so
that you're no longer blacklisted.

Why should the rest of us suffer?

> How do they hi-jack it,<snip>

Have you heard of antivirus?

> I'm not saying that big pond shouldn't do something about it, I just
> think that it is a bit harsh to ban everyone that uses a provider.

If the provider is 'that big,' then I don't think the whole IP space
of that provider would be blocked. Unless their whole IP space fits
into a /24 or so. Or unless the sysadmins of that provider are proving
particularly clueless.

AOL doesn't get a blanket ban simple because a few of their computers
are spewing spam, for example. Nor do my own provider (Virgin.)

Charles Sweeney

unread,
Nov 23, 2009, 5:22:50 PM11/23/09
to reCAPTCHA
Squeak wrote:
> All well and good banning known spam IP addresses, but what about
> those of us who are on shared IP addresses, therefore if someone else
> starts using that IP for spamming purposes then the ones on that IP
> who don't spam get punished as well. Not really that fair is it.

You bet it's not fair. It's also not so simple to stop a new user on
a server sending out spam as it is often claimed.

I used to be with Blueyonder in the UK. They were about the biggest
internet provider (or certainly one of them) at the time. Some server
admins blocked ALL users from them due to them having some spammers.
Tarring everyone with the same brush is their game. It is not so easy
to fix as is often claimed (by people with no experience of providing
such a service) and it is NOT cheap.

It should be noted though, that anti-spam zealots have "certain" life-
skill issues (to be polite).

--
Charles Sweeney
http://FormToEmail.com
PHP mail script with reCAPTCHA

Charles Sweeney

unread,
Nov 23, 2009, 5:27:35 PM11/23/09
to reCAPTCHA
Paul Herring wrote:

> AOL doesn't get a blanket ban simple because a few of their computers
> are spewing spam, for example. Nor do my own provider (Virgin.)

Blueyonder did. Funny enough, now owned by Virgin!

Surely you're not saying that system admins now realise that a few
spammers out of a million customers doesn't mean that ALL the
customers are spammers??! Rejoice!! There's light at the end of the
tunnel!

:o)

Paul Herring

unread,
Nov 23, 2009, 5:36:16 PM11/23/09
to reca...@googlegroups.com
On Mon, Nov 23, 2009 at 10:27 PM, Charles Sweeney <con...@identipic.com> wrote:
> Paul Herring wrote:
>
>> AOL doesn't get a blanket ban simple because a few of their computers
>> are spewing spam, for example. Nor do my own provider (Virgin.)
>
> Blueyonder did.  Funny enough, now owned by Virgin!
>
> Surely you're not saying that system admins now realise that a few
> spammers out of a million customers doesn't mean that ALL the
> customers are spammers??!   Rejoice!!
> There's light at the end of the tunnel!

I never said, nor implied, that was the case to begin with. Because it
wasn't. And isn't.

So, no. I'm not saying that.


p.s. You need to work on your hyperbole. And the sarcasm.

Charles Sweeney

unread,
Nov 23, 2009, 5:44:21 PM11/23/09
to reCAPTCHA


Paul Herring wrote:
> p.s. You need to work on your hyperbole. And the sarcasm.

It's the way I am, Paul...I can't help it!
Reply all
Reply to author
Forward
0 new messages