On Thu, 19 Oct 2006, Bill Stewart wrote:
Are you sure? 85/8, that's a lot of unreal estate.
<measl@mfn.org>: host mx1.mfn.org[204.238.179.8] said: 554 <v64.ativel.com[85.10.225.64]>: Client host rejected: 85/8 banned for abuse (in reply to RCPT TO command)
The whole /8? I'd certainly say it's a lot - it's not even a single Class A owned by a carrier like AT&T or UUNet, but has a number of different ISPs in different countries owning chunks of it. leitl.org has a /24 that's part of an ISP /18 in Germany, and I saw some Swisstel in another /18 there.
That's the kind of global overkill I'd expect from an irresponsible spam-blocker list like SPEWS, and even for them that would be pretty excessive.
Ahhh, but I have a *lot* more flexibility here than SPEWS does. I can set filters by individuals, and I have little need for the vast majority of IP space - therefore I filter very hyperagressively for this domain. Prior to this "overreaction", I was receiving approximately 25K spam emails per day (on an *average* day - there have been *much* worse!). Now, I see less than several hundred: a fair trade for the rare false positive (about 75% of which come from this list, and of which I see less than a dozen per year). I have literally dozens of /8s on block: All of APNIC, AFRINIC, South America, Israel, Russia and neighboring real estate... You get the idea. The policy here is that if an abusive email gets through: (1) If generated by a hosting company, the entire allocation to that hosting company is blocked; (2) If from dynamic space, it was missed the first time, so added now; (3) If from a microallocation (/25-/32) I block the micro, and if from a company with significant space, but what appears to be just a compromised host, the /24 in which that host lives. It works. -- Yours, J.A. Terranson sysadmin@mfn.org 0xBD4A95BF "Surely the larger lesson learned from that day is that other men, all over the world, took inspiration not from the heroism of the rescuers in New York or the passengers flying over Pennsylvania, but from the 19 hijackers - the twisted brilliance of their scheme and their willingness to sacrifice their lives to make a political and, as they saw it, religious statement." Richard Corliss/Time Magazine 11 Aug 2006