I know this is going to get all those defenders of VO worked up, but you'd better think hard about this before you post something nasty to me. This affects you just as much.

I have been a VO customer for awhile. I am not going to give my URL, because I am moving my site away from them immediately and because this has nothing to do really with the level of customer service, which I agree is very good. This has to do with VO attempting to blame their own inability to deal with spammers on their network on other parties and an outright lie posted by Paul on their forums in response to a complaint by someone that mail to AOL was being returned due to the sending IP being on a blacklist.

This is the thread at the VO forums
http://www.venturesonline.com/forums/showthread.php?threadid=3449

This is Paul's message in that thread
"What we know so far is about 1 week ago AOL blocked all servers on the internet that did not have reverse DNS setup, We have added the reverse DNS and are working with AOL to be removed from their block list.

This has effected a lot of providers not just VO."

I posted a response to this, indicating that this was a lie. In part, my post pointed out that AOL certainly did not "block all servers on the internet" that did not have a reverse DNS. I regularly receive mail at an AOL account I maintain for client contact purposes from servers that do not have reverse DNS set up. I further indicated that the real problem is that VO fails to respond in a timely or an effective manner to spam complaints and that I would not continue to do business with a company that attempted to blame their problems (due to inaction on their part) on other parties. In a followup, I posted links to Google searches for venturesonline.com and/or vosn.net in the net-abuse groups so that people could see this is an ongoing problem with VO.

Those links
http://groups.google.com/groups?q=venturesonline.com+group:news.admin.net-abuse.*&hl=en&sa=G&scoring=d
http://groups.google.com/groups?q=vosn.net+group:news.admin.net-abuse.*&hl=en&sa=G&scoring=d

Both posts were deleted, with a direction from Pat to look at the forum rules. Pat then posted a rather lengthy defense of VO, claiming that VO is doing everything they can to get rid of spammers.

I posted again, indicating that I am well aware of the forum rules. Nothing I had to say was "destructive" in any sense. A lie is a lie, no matter who tells it, and Paul flat out lied. VO has been made aware of the spamming issues time and time again. This is the content of my post, saved, because I knew it would be deleted. It was.

"Now wait just a minute here. Why were my posts deleted? I am well aware of the forum rules, and NEITHER post was in breach of those rules. Are you telling me that you consider a discussion of WHY VO wound up on blacklists "unproductive"? Are you telling me that you don't think I have the right to demand from my hosting company WHY they spout outright lies like the one Paul gave us? Now I know for sure I'm leaving. I will NOT deal with a company who does things like this.

And to Pat: if VO were doing its job regarding spam - please, not SPAM, that's a trademark of the Hormel company and something completely different - then VO would NOT have wound up on blacklists. There are complaints about spammers from November 2001 and the spammer being complained about is STILL in the VONOC netblock, which says that VO has done exactly nothing about it. You are putting your clients' livelihoods at risk if those clients rely, as I do, on the ability of mail to reach its destination. Netblocks are not placed on blacklists for one incident. They are placed on blacklists when it becomes apparent that the company in question isn't going to do anything about the spammers on their network.

It doesn't matter if you are working to "prevent" spam. What matters is that you have failed to react properly to the complaints you've received. There are some mail admins who are NEVER going to remove the VONOC netblocks from their blacklists because of the attitude expressed by VO by several reps of the company in nanae. You claim you're communicating with email black lists, and I'd like to know exactly how you think you're communicating with SPEWS, since nobody knows who SPEWS is. On 4-2-2002, Mooneer Salem started a thread called "SPEWS: unfair blockage of 209.197.236.0/25" in nanae which demonstrated zero understanding of why VO was listed there. This was pointed out for the benefit of both Mooneer and Eric, multiple times, and yet the problems listed in that one block - just one out of however many are floating out in the world - remain.

I have little doubt that this will be deleted just like the others. However, I will make my displeasure known in other locations where the mods will not remove posts that are both factual and ask questions that need to be answered."

After deleting that message, Pat offered to deal with me "personally". I don't want to be dealt with "personally". I do not need technical support in this instance. I need to know that the host I choose takes a strong enough stand against spamming and a reasonable enough attitude toward those who report it that I don't need to worry about my mail getting bounced or, even worse, disappearing without a trace because the mail admin thinks it's easier to just /dev/null incoming mail from a blocked range instead of sending a failure notice back.

There is a spam site listed on the sites list at http://www.spamsites.org that has been there for 28 days. No one can possibly tell me that in 28 days nothing could be done about this unless the company just didn't care enough to remove it.

At this point, it is apparent to me that first, VO doesn't give two cents about their clients in regard to this issue, or they never would have said the things they have said thus far when there is constant, ample evidence that VO has known about some of these spammers for months and yet has allowed them to remain on the network. Secondly, it is abudantly clear that there are a number of mail admins who are going to let the VONOC netblocks rot in their blacklists permanently, due to the apathetic attitude of VO toward these spammers.

The total incomprehension exhibited by the various people who represent VO gives me pause. I don't want to trust people who have shown that they cannot be trusted in this situation. My mail is not making it to places where it absolutely must go for my business to stay alive, and this is not because of something I've done. It's because the host I selected has failed in their duties and refuses to see that this is a very real issue to their clients, some of whom, like myself, will not accept half-baked answers or lies from the people who are supposedly in technical support and who should know better what the real issue is instead of making it necessary for a client to point out the problem for them.

[Edited to correct a typo]

VO doesn't like to deal with such long problems. The most customers who like VO are the onse that never have problems, or submit easy tickets that can be fixed in a minute. They'll hardly go far enough to help an individual client.

I could care less if someone replies and flames me.

Although I can't comment directly on the spam issue, I can say that VO has been great, there support has been excellent on BOTH big and small issues.

Most emails are answered well within an hour!

I have no complaints!

I'm thrilled for you, but as I said I have no problems with VO support in the general sense. This, however, is a very, very serious issue. If you have a server on their netblocks, you run the risk of having your mail blocked by association. How does that make you feel about their lax attitude in addressing this problem?

a)I was really posting in response to Shyne.
b)Just last week I was contacted by VO about a spam issue, which was quickly resolved, it seemed to me that they were right on top of things.

Maybe Daniel will shed some light on the issue.....

I use them - and yes I have seen a problem with spam coming from their servers because one of my sites is on one that is on the spamcop list. I personally think it is not VO's fault - how could it be? You wouldn't believe how many people go out of the way to abuse the system, cause harm, or generally just do stupid things. When there are so many sites on each of the servers there are bound to be idiots spamming on there. I have a problem with how some places block the entire webserver instead of the individual domain doing it - and people that fight spam are generally falling short because there are so many ways around their system - and for every spammer they take down they don't mind taking down about 50 non spammers in the process.

I have had nothing but good luck with VO - and I'm staying with them but getting my own servers so I have a little more control over this kind of thing. If they have so many resellers on there- how can they control the type of site- and who that reseller is attracting- so it's just asking for trouble- and I imagine that many hosts are in the same boat.

If you want a real taste of hell- try being a freehost who provides hosting to an anonymous non paying base :) at least now I don't provide any sort of email accounts to my freehost users - so I am a little less troubled lately.

JDT

Spam is and issue and worked on daily here at VO. There is no way when you host as many servers and customers as we do not to get some ips listed at some point. Are there some spam sites on our network I would bet so yes but to say we do not work on spam issues are just not true.

Spam nowdays is a fulltime job you really have no idea of how much time and effort is put in to stoping spam, spammers are getting smarter everyday they find new ways around any prevention you have in place.

The AOL issue with blocked mail is true it was a DNS issue and not spam, I bet more that a few hosts here ran into this issue.


You talk about http://www.sengir.demon.co.uk/live_sites.html we are listed one time in that list and that site will be delt with ASAP also this is not a direct customer of VO but a site hosted on a leased server.
One listing is not to bad compaired to some of the other well know hosts on that list but we prefer not to be listed at all.

Shyne we deal with every issue thrown our way, big or small bigger issues take time to resolve but they are delt with just like any other issue.

Switched to Ventures Online from Aletia last week.
It's like trading in a Volkswagen for a Cadillac.
I have no problem with my email.
Love them!

Beerblast

I wish you the best of luck with your new host. As far as the whole spam issue goes, I think blaming VO is like blaming the post office for all the junk mail you get.

By no means does VO want to get on these lists, and you seem to have some personal insight to VO's intentions. It seems to me that VO is intent on working with the parties involved to solve the problem to the best of their ability.

As far as your posts on the forums, you are posting on VenturesOnlines private forums. Things aren't always democratic on the internet, and any company has the right to delete what posts they feel necessary. You seem intent on exposing VO customers to the evils of VO, but Im confident they can make that decision themself.

I have tried different hosts. Ive had hosts suspend SMTP service, shut down email as a whole, and hosts that plain out suck, and so far VenturesOnline seems to be one of the best ones. I use AOL, as do many people, and im confident VO is working as hastily as possible to remedy the problem.

I get SPAM from Bellsouth, AOL, Cable Modem companies, and pretty much everyone else, and quite honestly in all the months Ive been reporting mail to SPAMCOP.net I have yet to report one to VenturesOnline.

And just to the first and second people who had negative views of VenturesOnline, do you mind posting your domain so we can do a whois? I find it hard to believe that anyone can be dissatisfied with their support.

Good luck on your search for a new host though, and I hope that you find a bit more satisfaction, though I will continue to enjoy and support VenturesOnline.

By no means does VO want to get on these lists, and you seem to have some personal insight to VO's intentions. It seems to me that VO is intent on working with the parties involved to solve the problem to the best of their ability.It is more than fair to judge their intentions based on their apparent lackadaisical attitude towards getting their IPs taken off black lists. Sure, they don't want to get on the lists - but based on GeeksRUs's post, getting off the lists doesn't seem to be priority one, or any priority for that matter.

I'd like to see some proof of AOL blocking all mail hosts without reverse dns. Didn't they try enforcing HTTP standards a while ago?

JDT
I personally think it is not VO's fault - how could it be? You wouldn't believe how many people go out of the way to abuse the system, cause harm, or generally just do stupid things. When there are so many sites on each of the servers there are bound to be idiots spamming on there. I have a problem with how some places block the entire webserver instead of the individual domain doing it - and people that fight spam are generally falling short because there are so many ways around their system - and for every spammer they take down they don't mind taking down about 50 non spammers in the process.

VO is responsible for the clients on their servers. That is a fact. VO has found itself in blacklists because they refuse to deal with the spammers on their networks. That is also a fact. Entries into blacklists are not made after one spamming incident or even two. They are mode because the complaints are not resolved satisfactorily. That is a fact. If you don't mind that your mail gets dropped at places when you send it out, expecting it to arrive safely, more power to you. I happen to rely on mail delivery for my business.

TheMMIz
As far as the whole spam issue goes, I think blaming VO is like blaming the post office for all the junk mail you get. [Plus the rest of your post]

Incorrect, and a bad analogy. I am not referring to spam I receive from outside locations to my VO account, and the remainder of your post regarding spam you receive from various locations is irrelevant. I am referring to email I send out to anyone, which I expect to be delivered. VO's inaction in regard to spammers on their network causes that mail delivery to fail. Just because you have never reported any spam to VO does not mean that they do not have spammers on their network, as those links I provided show, and whether you have received it or not is irrelevant.

I posted to the VO forums as a customer, raising a legitimate service issue. Yes, those types of forums are private. However, it is my right as a customer to raise issues like this one to find out just how my host is going to address it. They have chosen to bury their heads in the sand. You're happy with that, it appears, and that's fine. If you find your important, business-related mail blocked one day, I wonder if you'll change your mind about this issue.

GeeksRUs, I read your initial post at VO earlier today and it struck me as unnecessarily contentious. Coming out of the chute shouting "Liar!" on a host's forum is a sure way to get your post deleted. If that happened on my forum, I'd delete it too. We all have a right to free speech, but we also have a responsibility to filter it through good judgment.

Of course, this spam issue is an urgent and serious one. But I believe there was a better way to get your point across. Having been associated with VO since they opened their doors -- and knowing some of their staff since well before that -- I can safely say that letting things like this slide just isn't in character.

Originally posted by Paul L.
[B]Spam is and issue and worked on daily here at VO. There is no way when you host as many servers and customers as we do not to get some ips listed at some point. Are there some spam sites on our network I would bet so yes but to say we do not work on spam issues are just not true.

There are larger companies than you who deal with their spam issues immediately and effectively. Those companies do not wind up in various blacklists and their customers do not find their email blocked because of it. There are a number of spam sites on your network, just in the VONOC blocks, and not including the Verio assignments.

Daily work for VO seems to equate to ignoring spam reports.

Stocktalkreport.com - first sighting March 15 2002 - still in VO netspace
http://groups.google.com/groups?hl=en&scoring=d&q=stocktalkreport.com+group%3Anews.admin.net-abuse.*&btnG=Google+Search

upayhalf.com - first sighting March 1 2001 - still in VO netspace
http://groups.google.com/groups?hl=en&scoring=d&q=upayhalf+group%3Anews.admin.net-abuse.*&btnG=Google+Search

mommytips.com - first sighting April 9 - still in VO netspace
http://groups.google.com/groups?hl=en&q=mommytips.com+group%3Anews.admin.net-abuse.*&btnG=Google+Search

racing-forums.com - first sighting April 9 - still in VO netscape
http://groups.google.com/groups?hl=en&q=racing-forums.com&btnG=Google+Search&meta=group%3Dnews.admin.net-abuse.*

There are more, but I think you get the general idea. This does not include all the nonsecured form to mail script garbage that is also apparent out there.

Spam nowdays is a fulltime job you really have no idea of how much time and effort is put in to stoping spam, spammers are getting smarter everyday they find new ways around any prevention you have in place.

Son, you have no idea who I am. I know exactly what is involved in fighting spam and spammers. I am a network security specialist who consults on mail-related issues, among other topics. I have been patient with VO, hoping against all evidence presented that VO would pull their head out of their rear end and deal with these issues. This month became the final straw for me, as I witnessed the thread referenced above about the /25 in SPEWS and the cluelessness of the VO people who posted to that thread. Instead of offering up excuses about how difficult it is or whinging about how it is a fulltime job, you should be taking action against the people on your servers who are creating this problem.

The AOL issue with blocked mail is true it was a DNS issue and not spam, I bet more that a few hosts here ran into this issue.

Really? Which ones, pray tell? I've visited a number of other hosts' forums these past three weeks. Nowhere have I seen anyone but you claim that AOL blocked "all servers on the internet" without a reverse DNS. I don't really care what the resolution to your particular problem was. I take issue with your original statement.


You talk about http://www.sengir.demon.co.uk/live_sites.html we are listed one time in that list and that site will be delt with ASAP also this is not a direct customer of VO but a site hosted on a leased server. One listing is not to bad compaired to some of the other well know hosts on that list but we prefer not to be listed at all.

I don't care about other hosts, although I will be checking any potential hosts against a variety of sources to make sure they don't have the same apathetic attitude that VO has. I was not using those hosts. I care about the fact that VO is listed there and is hosting my site. I also care that it appears that you were not going to do anything about it until someone like me posted something like this at a forum such as WHT. I know that hosts receive copies of the spamware notices that Sapient sends out. You chose to ignore it, for 28 days. I don't care if it's your site or a resold site, because in the end, on the blacklists, it makes little difference as VO is responsible for their entire netspace.

Police your netspace like a good, responsible netizen, without being told to do it. Without people having to point to the things that you aren't doing while you claim that you are. The alternative is that you will continually have to explain why more and more mail from VO clients is being blocked at various mail servers.

How would you know if we have a lackadaisical attitude about getting off black lists? You dont so stop acting like you have any first hand knowledge of how things are handled at VO.

Like I said we are not spam free but NO host is that offers email service can be 100% spam free.

We have people that do nothing but handle spam/abuse all day long so to say we have a lackadaisical attitude is just not true.
I invite you to run a network as large as ours and keep it 100% spam free.

If you want proof on the AOL issue just call them and ask I am sure you will get the same service we did.
They told us the 2 servers in question that was blocked was because of Reverse DNS, What do you know we fixed the reverse dns and the problem was solved case closed it had nothing to do with spam at all.

Originally posted by alchiba
GeeksRUs, I read your initial post at VO earlier today and it struck me as unnecessarily contentious. Coming out of the chute shouting "Liar!" on a host's forum is a sure way to get your post deleted. If that happened on my forum, I'd delete it too. We all have a right to free speech, but we also have a responsibility to filter it through good judgment.

I'm sorry you saw it that way or that you feel claims such as the one Paul made are a legitimate way of doing business. I do not mince words. When someone is lying through their teeth, especially about something so stupid - AOL blocking all servers without reverse DNS - when they could just have easily said that the problem lay in the reverse DNS of their own servers, I am not going to hesitate to say so. If they don't like the terminology, they shouldn't engage in the activity. Food for thought: it would have been a simple issue to just edit out that part of the post, would it not? However, it seems that VO had no interest in addressing the issue whatsoever. Their actions make it clear their intent.

Of course, this spam issue is an urgent and serious one. But I believe there was a better way to get your point across. Having been associated with VO since they opened their doors -- and knowing some of their staff since well before that -- I can safely say that letting things like this slide just isn't in character.

See above. You haven't been watching the net-abuse newsgroups the past few months. VO has gotten themselves a horrible reputation as a spammer support host. The impression their staff leave is not quite pristine, either.

Originally posted by Paul L.
How would you know if we have a lackadaisical attitude about getting off black lists? You dont so stop acting like you have any first hand knowledge of how things are handled at VO.

It's quite apparent by the number of spammers who remain in VO netspace after being reported. See above.

Like I said we are not spam free but NO host is that offers email service can be 100% spam free.

We have people that do nothing but handle spam/abuse all day long so to say we have a lackadaisical attitude is just not true.
I invite you to run a network as large as ours and keep it 100% spam free.

You are missing the point. No one is asking that VO keep their network 100% spam free. Every host is going to have spammers pop up on their network. The difference between those not on the blacklists and those that are is the way those spammers are handled. VO handles things very, very poorly. It is apparent that whoever you claim is handling abuse all day is not doing their job.

If you want proof on the AOL issue just call them and ask I am sure you will get the same service we did.
They told us the 2 servers in question that was blocked was because of Reverse DNS, What do you know we fixed the reverse dns and the problem was solved case closed it had nothing to do with spam at all.

Again, you miss the point. The point is that you made an outrageous claim on your forums, obviously untrue. I take exception to technical support people trying to lie to customers, most of whom would not have any clue they were being had.

What was untrue about my post on our forums?
The AOL issue was solved by adding reverse DNS would you like the log files to proove this?
Pat from VO offered to talk to you about this issue and you did not wish to do that.
Its clear you are a troll with nothing better to do that call me and VO a liar something I am not and I can assure you sir you would not call me that to my face.

I never said we was 100% spam free, yes spam is a issue for us like all hosts and we knew we needed a stronger system in place so we have started addressing issues with spam and working directly with some of the lists to help solve the issues.
One of the biggest problems we had was the formmail bug spammers was having a field day on this so we are taking steps to solve this now.

All we can do is take it one step at a time and resolve issues but to come here and say we are doing nothing is not true.
And you sir have no first hand knowledge of what goes on in our office every day to fight spam.

I am sorry to the rest of the readers about my tone in this post but I will not stand back and be called a liar by anybody.

Originally posted by GeeksRUs
Son, you have no idea who I am. I know exactly what is involved in fighting spam and spammers. I am a network security specialist who consults on mail-related issues, among other topics

And it looks to me like you've blown a potentially lucrative consulting gig. ;)

So this is how customers are really treated if they stray from the party line. I'll keep that in mind when I'm recommending hosts.

You wrote, in the VO forums
"What we know so far is about 1 week ago AOL blocked all servers on the internet that did not have reverse DNS setup"

Show us when and where AOL did this, please. As I mentioned in one of my posts, I receive mail at AOL accounts from servers without reverse DNS configured. How is that possible if your claim is true? The actuality of this is that your servers were blocked because they had no reverse DNS. Why blame the issue on AOL when it is in fact your issue? Why is it so damned hard for some hosts to simply tell the truth? cimshimmy has asked in this very thread for some proof that AOL is doing this. You cannot provide it, because it is not so. Ergo, you were either lying when you wrote the above to your own forums, or you are so inept technically that you did not realize how it would sound to people like myself. Which is it?


You write
"I never said we was 100% spam free"

How many times do I have to repeat this? The problem is NOT that you are not 100% spam free. The problem IS that you DO NOT ADDRESS THE SPAM ISSUE IN YOUR NETSPACE. That much is apparent by the links I've already provided.


You write
"we have started addressing issues with spam and working directly with some of the lists to help solve the issues"

Question: why was it so difficult to address these issues before it went on for so long that Vo wound up on the blacklists and had no choice but to deal with it? Question: if there were no such thing as a blacklist, is it liekly that VO would have continued to ignore spam complaints? The answer to that that, from my seat, is an emphatic yes, given the history of VO thus far. The way out of the blacklists is via removal of spammers. You have been told this time and time again, yet have not listened or there would be no need to "work with some of the lists".


You write
"All we can do is take it one step at a time and resolve issues but to come here and say we are doing nothing is not true"

Have you removed mommytips.com yet? racing-forums.com? stocktalkreport.com? If not, why not? There is ample evidence they are spammers, and reports to the net-abuse groups show that you have been sent complaints regarding these sites. As of this moment, all are up and operational. All have been reported at least a week ago, some before that. Ergo, you are doing nothing to remove them.

http://groups.google.com/groups?hl=en&threadm=uIwq8.12176%24ml2.964473%40newsread1.prod.itd.earthlink.net&rnum=34&prev=/groups%3Fq%3Dspews%2Bunfair%2Bblockage%26start%3D30%26hl%3Den%26scoring%3Dd%26selm%3DuIwq8.12176%2524ml2.964473%2540newsread1.prod.itd.earthlink.net%2 6rnum%3D34%26filter%3D0


You write
"And you sir have no first hand knowledge of what goes on in our office every day to fight spam."

It's easy to tell what is not happening. Spammers are not removed from your netspace. This has a direct impact on me and my site because it means the probability of VO landing in even more blacklists increases every day.

Originally posted by alchiba


And it looks to me like you've blown a potentially lucrative consulting gig. ;)

I thought about that, I really did. That was while I was investigating this entire issue, but before I came across that thread in the VO forums and before my concerns were dumped from that thread. That pretty much told me there was no contract available there.

:D

To me it just looks like GeeksRUs is a troll.

Proof of a host with the Reverse DNS issue and AOL
http://webhostingtalk.com/showthread.php?threadid=44911&highlight=gordon


Need I say more? No I am done with this thread I have no reason to proove I am not a liar anybody here that knows me knows better than this.

GeeksRUs I did think about talking to you,, but after you call me a liar here and on my own forum I would be crazy to do enter in a contract with your type.

Originally posted by GeeksRUs
I thought about that, I really did. That was while I was investigating this entire issue, but before I came across that thread in the VO forums and before my concerns were dumped from that thread. That pretty much told me there was no contract available there.

As I hinted at earlier, if this was approached differently from the start it could have been a win-win situation instead of what it is now.

Oh, well. It's not my play, so I'll butt out of this.

Frosty, thanks for the ever so enlightening comment.

Paul, it is clear to me that you are unwilling to address the issues here.

"What we know so far is about 1 week ago AOL blocked all servers on the internet that did not have reverse DNS setup" (emphasis mine)

You point to a single example. Out of the hundreds (if not thousands) of hosts that populate this forum, you can come up with one single item? What about all the other servers without reverse DNS configured? Have you polled them all? Can you point to any policy statement from AOL indicating this? Fortunately, I'm not as concerned about this particular issue, although I still term that statement of yours a bald lie.

So, will you be addressing the remainder of my questions regarding spammers on your network? Despite your comment, I do not believe for a moment that you even began to consider contacting me. You had no idea I was a customer until that very first post I made, where (as alchiba points out) I did call you on your statement, and no idea that I even worked on things like this until I pointed it out for you here. alchiba, I suppose I should expand on that little piece I posted: it was entirely clear to me, based solely on Google readings, that VO has no interest in taking anyone's advice, even the advice of those people whose daily job involves running mail servers. If they had, they would not be in this particular boat, would they? Pity.

When Aunt Sally can't send email to her darling nephew because VO fails to act and winds up in more blacklists, and then shows up in the new-abuse groups, do you know the standard advice given there? "Get another host who pays attention to spam issues." I gave VO the benefit of the doubt. They repaid me by continuing to act like the rules of good sense and netiquette do not apply to them.

I have been contacted by another party, not from this forum, in regard to a contract. They are implementing a new email system, with the project timeline beginning next week, for a midsized ISP. Are you beginning to get an idea of just how important it is now that VO has ignored spam issues within their netblocks?

Anyhow, if VO are blacklisted at Spews then they are truly screwed. They are the biggest agency and operate out of Russia, I think. If you get on their list, that's it. They don't remove IPs as a matter of policy.

People can get unlisted at spews you just have to handle it the right way.
The ips listed at spews are a very, very small % of our total ips most are from leased servers and we have to work thru channels to take care of the issues with them but we ARE working on the issues.

This thread could have been about any number of hosts on this board just go to google groups and do a search for some of the hsots on here you will be susprised by the numer of hosts that are listed.

I wont say hosts names but just about every large host on here is listed in some way for spam.

I don't know about this one. I think Paul feels a bit errrr... bashed to a degree as you aren't saying, "This is my experience. This is what I've found. Regarding this statement, I think you may be incorrect..." -you're just calling him a liar and coming down hard. The statement may (or may not) have been incorrect, but you're coming off very strong, and people tend to shut out comments when they are shoved down their throat.

I'm not saying anyone is right or wrong, just that a slightly different method to get the point across may serve you, the rest of the VO clients, and VO, better in terms of solving this problem (not saying it is even a problem or not).

Sorry, Chicken. As I've said, I don't care quite as much about that as I do about this spamming issue. The first was something that did light a fire under my butt, since I had been working on this for several weeks, only to see a comment like that. Be that as it may, the real issue is still with us all, no matter how hurt Paul's feelings might be because I don't mince words. Paul, since you're still here based on the visitor log, how about I just tell you to ignore that issue (heck, you could consider it an apology if it makes you feel better, for all I care) and we move on to the real issue?

VO is considered a spamhaus, and not just by me. The second link below might be rather interesting to people who think that I'm simply trolling here or that these concerns are not valid. When you respond to peoples' complaints by insulting them or worse, don't respond at all, they will let you rot forever in any list that holds your netblocks. Some of them will even place you in permanent blacklists because you acted like a jerk.

NexDog, I've seen listings removed from SPEWS. It does happen, although it can take some time. I worked with one host who managed to get rid of their spammers, close one open relay, and apologize profusely. They had to wait, as most do when their record is quite poor. If it weren't possible, there would be incentive to clean up a network. Private blacklists, however, are not so easy to get out of once the administrator or contact for the listed network shows that they have no concern for the listing and are rude, abusive, or otherwise insulting from the very people trying to help them in NANA*. My current problem is that VO is falling into that category, and while they were my host of choice, I can't have my mail blocked at any point because VO do not act responsibly - that is the crux of this whole issue, the other tangential issues aside. As it is, it's unlikely VO will even be able to crawl out of SPEWS at all, given some of their posts to NANAE over the last 6-8 months:

http://groups.google.com/groups?q=venturesonline+spews&hl=en&scoring=d

Or something like this
http://groups.google.com/groups?q=venturesonline+spews&hl=en&scoring=d&selm=9%24--%24%24-__%25_-%25%25-_%24%24%40news.noc.cabal.int&rnum=5


I have a friend who also hosts at VO. At this time, he is not in any range that is blocked. However, after speaking to him tonight, he will be departing as well. 50% due to the spammer problem, 50% due to what he's seen from VO in Google, at the VO forums, and here.

Chicken, I will apologize to you (and to the hundreds of people who have read this thread) for letting this thing get off on a mild tangent rather than just repeating my question to Paul over and over about how VO handles spamming from its network.

Originally posted by Paul L.
People can get unlisted at spews you just have to handle it the right way.
The ips listed at spews are a very, very small % of our total ips most are from leased servers and we have to work thru channels to take care of the issues with them but we ARE working on the issues.

My questions that you ignored previously remain. If there was no danger of a blacklisting, if someone like me didn't raise a stink, would you be doing anything about it? The evidence suggests not, as you have spammers in your network, you have known about them for some time, and yet they remain. Actions speak louder than words, as readers of NANAE can tell you and as VO reps have been told repeatedly.

What "channels" do you have to work through? I spoke to one host tonight and asked them about resold clients that spam. Were they treated any differently? Answer: No. Resold sites are terminated and the reseller notified that the site has been removed. Result? No blacklists for that host, and a reputation for being quite harsh on spammers. You are the owner of those servers, are you not? You have an antispam policy, do you not? You have had reports of spammers under various resellers or dedicated clients, have you not? What does it take beyond being blacklisted?

This thread could have been about any number of hosts on this board just go to google groups and do a search for some of the hsots on here you will be susprised by the numer of hosts that are listed.

But this isn't about those hosts. This is about VO and why it took landing on blacklists to get action.

I wont say hosts names but just about every large host on here is listed in some way for spam.

Sigh. The point is still escaping you. You can call this the GeeksRUs Rule if you want: All hosts will have spammers at some point. The difference between hosts that show up in NANA* in passing do not wind up on blacklists. They deal with the spammers and move on. VO has shown that they do not do this, and thus found themselves on blacklists. The logic here is not difficult. Why not name names? Probably half of the hosts here have dealt with spammers and had that spam posted in the sightings group. There are very, very few, however, that have the sheer number of threads and posts about them that VO does.

the 2nd link you posted is actually quite entertaining in the sense that VO is and does everything possible in removing spammers.

When I didn't know any better and when I was with VO, we had a few spammers, and Daniel went into my box, within 10 minutes, found the spammer and case closed.

So for god sakes, get off your high horse, stop the bragging, and get with reality. You've shown us in every one of your emails that you know how to use goggle. I use goggle every day, that doesn't really account for anything.......You can send us links all day, it wont be pressed to prove any of your points. Its clear to everyone on this board that VO is doing a adequate job of attempting to remove spammers.

If your so illwilled about it, then I suggest calling your lawyer and take legal action, if not, then sit down and stop the child antics of attempting to throw mud everywhere

Let me make sure I understand you here. You believe that spammers reported back in February or March and still active on the VO network equates to VO doing an adequate job of "attempting" to remove spammers? You believe that a host winding up in blacklists is a sign they are doing something about spammers on their network? That's an interesting view you have. I wonder if you would be so charitable if you found that your mail was being blocked because they were doing such an "adequate job of attempting to remove spammers".

That second link was to show what can happen when you are rude to the people who are contacting you. Your post shows what can happen when people do not read carefully enough what they are replying to in their haste to try to stifle someone elses' raising of a very real issue, or you would have found this piece of information from that link:

"So he said on 12/26 that he was taking care of the spammer, and I'm still getting 1-2 MMF spams a day through vosn.net. I'd say they have a backdoor spammer, a pink contract, or that the phrase "taking care of" is used with its nurturing meaning, not the mafioso definition."

Since you're so fond of "goggle", let me toss another out for you. Imagine you have a site or server with VO. You might very well find yourself in the same situation as this guy's poor dad.

http://groups.google.com/groups?hl=en&threadm=9v62h1%241ght%241%40arachne.labyrinth.net.au&rnum=54&prev=/groups%3Fq%3Dventuresonline%2Bspews%26start%3D50%26hl%3Den%26scoring%3Dd%26selm%3D9v62h1%25241ght%25241%2540arachne.labyrinth.net.au%26rnum%3D54%26fil ter%3D0

Pay very careful attention to this thread, especially the last message. This is what can happen when you ignore this issue. You can also make yourself appear very, very silly, as evidenced by the response received by the user from VO and the commentary on that from the people in the newsgroup who happen to be professionals in their fields.

Your post also shows another host to avoid, so I thank you for that.

really......do whatever toots your horn :rolleyes: :rolleyes: :rolleyes:

We had some touble with spam coming from our servers in the past but its not that hard to lock down if you do it the right way.

-Brendan

Originally posted by NexDog
Anyhow, if VO are blacklisted at Spews then they are truly screwed. They are the biggest agency and operate out of Russia, I think. If you get on their list, that's it. They don't remove IPs as a matter of policy.

That is absulutely untrue. SPEWS will de-list anyone who has cleaned up their act almost right away.

-Bob

Originally posted by GeeksRUs
Sorry, Chicken. As I've said, I don't care quite as much about that as I do about this spamming issue.

How about this - instead of simply badmouthing VO, how about doing something positive like helping them out? You are, after all, the big spam expert.

-Bob

Have you ever heard of using another e-mail address? Perhaps it's not very professional although e-mailing your aunt sally is not a professional thing to do. Perhaps I am more tolerant but haven't you learned that nothing is failsafe on the net?
I have at least 4 different addresses that can be used as a safety whenever little problems happen. Besides, they are all free.

I wish my memory served me better because I remember seeing a notice that AOL was doing some fine tuning on their servers to stop spamming.

*raises an eyebrow at the liar statement*

Now *that* is going too far.

This, my foul-mouthed friend is EVIDENCE that aol has a very good and RECENT reason to crackdown on spam.

http://www.internetnews.com/IAR/article/0,,12_1003541,00.html

Let me inform you that others have told me I am very very very patient with my clients and forumers alike (many forumers are children).

HOWEVER, if I *ever* (heaven forbid) had a customer like you calling me and my staff liars when I did all I could, no thanks. I don't need this punishment nor your $20 whatever a month and I applaud VO reps for expressing neither a STINT of unstifled irritation nor a show of unbridled angst. Even after your outburst on here, I humbled by Paul's amazing patience.

View this as kiss-up if you will but Paul probably won't see this and I have no true personal gain except the satisfaction a *diminuitive* part of you may feel upset that another forumer chooses to refute your opinion.

I'm looking for more proof to shut your mouth, Geek so sit tight!!!

Oh you are making a mistake. Basing your opinions off of Geeks' post is erroneous at best. Malicious at worst.

It's evident he'd do anything to stop an association with a *gasp* blacklist. (Like clients understand all this anyways)

Paul posted this earlier, didn't you see it?

http://webhostingtalk.com/showthread.php?s=&postid=318829#post318829

Also I KNOW I read an official statement by aol warning about downtime and access to e-mails. I will try to find it but if not, then I guess you both are never going to be convinced.

Tis a pity really. I doubt anyone normal treats spam as seriously as Geek.

All in all, it's just E-mail abused into "deadly" (note sarcasm) marketing and most people and clients probably won't care. Isn't that horrible?

I guess it's more horrible than the news about corruption in the tissue-bone donation "industry", a new plane crashing into korea killing hundreds (and what's left of flight confidence), and some bits about how the states withdrew from the anti-ballistics treaty. I guess spam is more horrible than news that can be life-threatening.

Well, spam IS going to court so of course people like you will get more soapbox.

What am I thinking? Geek will probably regard me as some acid tongue loser "defending" VO and that any evidence I bring up is just a google thing (despite the fact I've never seen so many google links in my life).

Oh well. Maybe someone will get a laugh outta this! :)


Originally posted by cimshimy
It is more than fair to judge their intentions based on their apparent lackadaisical attitude towards getting their IPs taken off black lists. Sure, they don't want to get on the lists - but based on GeeksRUs's post, getting off the lists doesn't seem to be priority one, or any priority for that matter.

I'd like to see some proof of AOL blocking all mail hosts without reverse dns. Didn't they try enforcing HTTP standards a while ago?

http://groups.google.com/groups?q=geekerout@aol.com&hl=en&sa=N&tab=wg

Seeing that Google is the search engine of the day...:rolleyes: :rolleyes: You can see GeeksRUs's style in other people's sandboxes too.



I have been a VO customer since they day they opened and have *never* had a single e-mail blocked due to spam, nor has anyone ever submitted a spam complaint against me! I send roughly 42,000 e-mails a year... each legitimate, each personal responses to inquiries, requests, etc. GeeksRUs's experience appears to be the exception, not the rule. Furthermore, if he'd get his own server, he would have complete control over his own IPs and would personally be responsible for being blocked, instead of trying to saddle his site on a shared server and then have the audacity to whine about one of the drawbacks of being on *d'oh* a shared environment!



And mods, please look into this guy, because he's not accomplishing anything constructive. This is just his m.o.


** Yet another host who will not accept his business **

Very well said DCSN.
I have been a customer with VO since early last year. Never had any problems concerning spam.

Tsk tsk... what some people will stoop to do (eg: geek), IMO. :rolleyes:


BC12
"Fight for the right" :stickout

:eek: Gee whiz, maybe a person should search Google outside of the "Groups" listings:

After years of hosting spam-free membership run mailing lists, MailingLists.org has become the target of "filtering" that is causing a large percentage of the e-mail from MailingLists.org to clients of AOL to be silently discarded.

After talks with AOL,* these filters will not be removed unless MailingLists.org agrees to the following terms.

Please read them carefully and note especially* #11, #13, #15, #16, and #18.

Most of the terms are relatively valid anti-spam measures, but the items listed above, and the "this document does not exist" clause (#20), make this document impossible for MailingLists.org to sign.

If you are a client of AOL, consider that this document (soon to be available as a scanned image of the original fax that was received by the Hartzel and Whiteman law firm) explains quite well why your mail from MailingLists.org is not being delivered to your AOL account.


Read entire page including AOL's own terms: http://www.mailinglists.org/aol.html


For delivering to AOL you need to make sure your email delivery service's domain can be verified using a reverse DNS lookup. For example, if the FROM address is bob@deliverydomain.net, the email server(s) IP address must have a reverse DNS record (PTR record) of deliverydomain.net: not DNS record, but Reverse DNS record. For this reason, you cannot send directly to AOL addresses from a computer with a dynamic IP address (like host home computers).


Read the entire article "Feedback on Filtering" at http://ezine-tips.com/articles/resources/20010817.shtml


OK, since newsgroups are such a fabulous resource, let's look up "AOL reverse DNS" and see what we get!

Bounced E-Mail Problem-AOL http://groups.google.com/groups?hl=en&threadm=4hbraucdcf24r8cq37a6ubaq8qp56iem2k%404ax.com&rnum=1&prev=/groups%3Fq%3DAOL%2Breverse%2Bdns%26hl%3Den%26selm%3D4hbraucdcf24r8cq37a6ubaq8qp56iem2k%25404ax.com%26rnum%3D1

"Reverse DNS Entry E-Mail Issue" http://groups.google.com/groups?q=AOL+reverse+dns&hl=en&selm=V1PI3.96%24db.33089%40typhoon2.gnilink.net&rnum=3

"Reverse DNS Lookup" http://groups.google.com/groups?hl=en&threadm=MPG.1023d530687fcc3098969e%40news.clark.net&rnum=9&prev=/groups%3Fq%3DAOL%2Breverse%2Bdns%26hl%3Den%26selm%3DMPG.1023d530687fcc3098969e%2540news.clark.net%26rnum%3D9

"AOL Dropped Mail: Unofficial FAQ" *MUST-READ* http://members.aol.com/adamkb/aol/mailfaq/dropped-mail.html

And this was a classic, remember this? http://www.computerworld.com/cwi/story/0,1199,NAV47_STO58808,00.html


hmmmmmmmm...... Now since rDNS was installed on the VO servers in question, the AOL mail-delivery issues have disappeared. Additionally, both rDNS and yes, spam blocks, both fall under 550: Refused errors in AOL's system... Nobody is saying there is NO spam. But since the rDNS fixed it, that shows it was an rDNS issue.

Guess Paul knows what he's talking about!

:rolleyes: *snicker*:rolleyes:

Since Geek is so fond of using google, it amazes me that he did not do a search on google to find out that Paul was indeed telling the truth and that AOL does block mail from ALL IPs not having a reverse dns.

If I were *cough geek cough* I would feel stupid..... :o

gw DCSN :stickout

****now accepting bets as to the troll-like quality of responses that Geek will have once he finally returns to read our posts.**** Please Paypal your bet to: troll@ao ... d'oh, sorry ... wrong forum ;)


You guys do realize that all of our refuting is not going to make any difference? He's going to come back and troll like before, executing his newsgroup mentality (the big fish in a self-created pond concept) for all of us to see.

Paul has done more than enough explaining and does not owe any explanations in a third-party, outside public forum. VO has made more than adequate attempts to work with Geek & provide the answers he supposedly seeks, yet time & again it's become apparent all he wants is the airtime, to show everybody this stinky laundry he's "discovered."

The funniest part is, I & a lot of other people are more committed to VO as customers, than ever before. Nice work, Geek.

Now quick! Everybody ignore this thread. Let him post his butt off, we'll just ignore him, and eventually he'll get bored playing with himself. ;)

:rolleyes: :rolleyes: :rolleyes: :rolleyes:

Originally posted by DCSNetwork
and eventually he'll get bored playing with himself. ;)


I am having trouble believing you on that point ;)

$100.... Nevermind, he isn't worth it. :stickout

Keep up the good work Paul / VO.
I am behind you 199.9% (is there such a thing?:D )

Well, you have managed to stain GeekRUs and to prove that there are happy VO costumers.

But all of the proof GeekRUs supplied still stands, and the problem still exists (VO not taking care of spam properly).

Maybe I am wrong, but after reading this entire thread this is how I see it.

I dont think he was trashing VO as a host - he was saying that the way they're dealing with the spam issue is not the way they should be. They no doubt have tons of happy customers.

-Brendan

Okay, it is clearly rumor that AOL blocks email from hosts that don't have "reverse DNS" set up. I have yet to see AOL mention this fact, and have yet to see anyone post a reference to this.

What I have found is that AOL does block email from being sent if your "reverse DNS" does not show the same hostname that you offer in your EHLO or HELO. Misproperly configured "reverse DNS" or mail servers can cause a problem. Just not having "reverse DNS" set up does not cause a problem.

http://postmaster.info.aol.com/

If your mail server tells AOL's mail server that it's name is "foo.bar.com", and your IP shows that you are really "bar.foo.com", then that looks suspicious to AOL, and they block it. I don't think that's proper. They should just add a header that says that it's possibly forged. But since reverse DNS is so easy to fake, it wouldn't be hard to make them actually match and still lie about it. So AOL's configuration makes little sense.

If you have other information, please post it.

Anyway, if VO has received properly addressed complaints with full email headers notifying them that sites that they host are being advertised with spam, then they should take action. I personally do not check for spam posted to news.admin.net-abuse, and would not consider it a valid notification method. If they were notified and they are still hosting the site, then I hope that they have determined that it was an isolated incident. If not, then I personally would consider VO as spam friendly, and they should be added to any spam friendly lists.

I want to know why paul doesn't think that geeksrus would call him a liar to his face. :)

Originally posted by IceBlaZe
Well, you have managed to stain GeekRUs and to prove that there are happy VO costumers.


Well first of all, I didn't make a post about VO's uptime, thier customer relations, prices, etc. I made a simple reply, stating that I have never (nor those under me) having any problems with mail being blocked and whatnot. My reply had nothing to do with being or not being, satisfied with VO.

Secondly, GeekRUs stained himself, he didn't need any help. :rolleyes:

bitserv> From where I sit, this is a matter of splitting hairs. What you describe, and what I have been referring to, and what Paul has been referring to, are all one and the same.

We're using different terminology to address the same issue.

Of course there are special/technical terminology and I too read through the postmaster.info.aol.com site (and all its sister sites and related content, and about 50 other related sites, pages & FAQs) this afternoon while researching the issue...

I also have spoken to Paul personally about this.

If everyone's getting their undies in a bunch over the exact choice of words and descriptors, it's time to get up and take a walk away from the computer, people. The rest of us have simply been trying to put it in layman's terms. I don't care about HELO or header.foobar.whatever or that, when trying to explain to a layperson why a feature is not working as expected... bottom line, rDNS is not set up ("properly"), hence AOL bounces/dies. Normal people can wrap their brains around that. People who frequent this forum, or any host's forum for that matter, are usually a special cut from the cloth -- we tend to be much more technical than most.

Understand that Paul also addresses people in his forum that cannot craft a three-word phrase without screwing it up, and don't know where to type the IP address to locate their website :rolleyes: ... So apparently our Champion Resident Expert here decided that a man trying to make something understandable to the broadest audience was in fact lying.

If ya'll want to go spin your wheels about that, go right on ahead, it's energy that could just as easily be put into your business... *gasp*

Y'all seem to forget that GeeksRUs wanted an explanation, but when it was offered, he didn't want it. ??????? What kind of B.S. is that??? I see, it has to be in just the right format, just the right amount of a$$-kissing and in the right package? No. Either you want an answer, or you don't. All this bozo wants is airtime, to look important, expert, and professional. Well guess what, I'm old enough to be your mother (for about 85% of the viewers on this forum, including, I believe, each and every other host /except VO/ who's posted in this thread) :eek: and I know what expert and professional looks like. GeeksRUs ain't it.

Nobody's perfect, but sh*t guys, "let he without sin cast the first..." Everybody's got room for improvement. Bottom line, the issue at hand has been fixed. And please show me one knowledgeable person who knows that VO is not taking action against spammers? Every person who's posted they don't do anything ... not one of them is on the payroll, so how do they have access to VO's servers/systems to know what takes place behind VO's doors? (Or your doors, for that matter?) Did Pat not say that they are taking action against spammers? Exactly how much more straightforward does a company have to be?

Hey, I'm all for calling the kettle black, but I'm also all for being fair. Since nobody else (but Paul) posting on this thread is on the VO payroll, I hardly consider Geeks & the rest of the disciple trolls to be in a position to speak for what VO does, or does not do, in the course of its business.

:eek:


</DCSN>

Busy, aren't we all, trying to trash someone. I knew it would happen, just as I said. I also said, as I mentioned in my very first post that I have no problem with VO's customer service. I have a problem with

1. VO - specifically Paul - posting a lie. AOL did not - and does not - block "every server on the internet" without reverse DNS set up. I don't like people lying to me. That, however, pales in comparison to
2. VO's failure to deal with complaints about spam on their network to the point where VO netblocks wind up in blacklists.

The rest of the posing in this thread means little to me. I have no idea what those links posted up a little before this to posts in alt.www.webmaster have to do with anything. I don't read that group, and I don't post to it.

1. Sonnet says "Have you ever heard of using another e-mail address? Perhaps it's not very professional although e-mailing your aunt sally is not a professional thing to do. Perhaps I am more tolerant but haven't you learned that nothing is failsafe on the net? I have at least 4 different addresses that can be used as a safety whenever little problems happen". I find it difficult to believe that I should be forced to use a different email address because my own host doesn't care enough about spam to stop it. VO has their own anti-spam policy. They should enforce it. They do not. That does not equate to "doing all they can". In response to your "foul-mouthed" comment, my only response is: what? Nowhere did I use profanity in any message, either here or at the VO forums. As far as emailing aunt sally, I wasn't referring to myself, but more to a generic example of a regular user who might, just perhaps, use the mail service that comes along with a hosting package to maybe, just perhaps, keep in touch with people. Perhaps you, like some of the others, would read a bit more closely before posting, since you seem to miss some things in your haste to try to bash the messenger.

2. VO has received complaints regarding spammers in their netblock. They have done nothing about them. As I write this, stocktalkreport.com is still up and functional in the VO netspace. As are others.

3. DCS says "Furthermore, if he'd get his own server, he would have complete control over his own IPs and would personally be responsible for being blocked,". This is incorrect, and even a cursory examination of anything spam-related will bear that out as it relates to blacklists. VO is the SWIPed owner of that netblock, were I to get a server from them. It wouldn't make any difference to the outside world if my server, with one IP within some range, was not spamming. The intent is to make providers deal with their spam issues. VO has failed to do that, and that puts everyone in their netblocks at risk. You have not had any problems with email being blocked, so good for you. However, if and when someone spams from inside the range you are in, VO does nothing about it, and that is also added to the RBL, you will sing a different tune. I really like the argument of "It can't happen to me, so you're just a troll", though.

4. DCS says "Y'all seem to forget that GeeksRUs wanted an explanation, but when it was offered, he didn't want it...please show me one knowledgeable person who knows that VO is not taking action against spammers". Excuse me? Where has an explanation been offered in response to my questions about what VO is doing about its spam problem? I'd like to see it. Here's a tidbit for you: VO has an antispam policy, complete with links off to MAPS. However, there is one spammer who has been in their space since November. That site is still there. Others that have been reported in February-April? Still there. Does that appear to be action to you? How long does it take you to shut down a spammer when notified?

I wish you luck with VO. I think it telling how they (and their supporters) have reacted to this whole thing. Instead of just cleaning up their act and addressing the problem, they choose to ignore it and try to pound the person who brings it up. We'll call it VO's dirty little secret of harboring spammers in their network. Given their history in the net-abuse world, and all that I've seen so far, that isn't surprising. I can tell you that in my day to day work, though, I will simply advise people to drop the entire VO netspace into the lists and be done with it. No sense wasting time with people who can't be bothered to act.

Maybe some of you are comfortable knowing that the spammers who invade your mailbox on a daily basis are of the same species as those who live with you in VO's netspace. Me, I don't cohabitate with scum. Between their apparent inability to deal with their problem and the attitude they give when someone brings it up, VO doesn't seem to mind their bottomfeeders either.

With that, I'm off. Found a host, got set up in three minutes, and uploaded the site. A host who, as it happens, has zero listings in blacklists and a very healthy record of dealing with spammers.

I believe this link might come in handy, then... (when you're ready to cancel)
http://www.venturesonline.com/wonderdesk/wonderdesk.cgi



</DCSN>

Thank you, I'm well aware of the way to cancel my account. That was another piece of information I researched while looking at VO's history and talking to various mail admins (many of whom have simply dropped all of VO into their privately-maintained blacklists due to the issues I raised above, or due to VO's attitude).

By the by, you didn't answer my questions, either, but I have to admit I find it unsurprising, since I didn't expect you to actually read them or if you did, to understand the bigger issues underlying them. I'll make it easy for you, and just repeat one.

How long does it take you to cancel a spammer after notification?

I think this thread is fascinating, and I think the folk who are calling for the moderator to remove the guy and in the same breath calling him fairly nasty things ought to take a look in the mirror.

i don't even deal with VO nor am i a host. but i do read. and VO has not responded to the accusation of the spammers still on their network.

IMHO it's an extremely fair topic and the accusations have not really been addressed. just lots of folks trying to scratch geek's eyes out because he's accused their beloved host.

come on. :)

Originally posted by Paul L.
The AOL issue with blocked mail is true it was a DNS issue and not spam, I bet more that a few hosts here ran into this issue.


I agree totally with Paul. AOL ARE blocking emails on port 25 that do not have RDNS setup*** - it was a huge problem on the CPanel forums and CPanel included a work around by making it send emails on port 26 instead.

So Paul/VO were not lieing.

*** = RDNS only needs to be set up on the main server's name ie blahblah.vosn.net <-> 12.12.12.12 not for every domain name.

James

Originally posted by DCSNetwork
bitserv> From where I sit, this is a matter of splitting hairs. What you describe, and what I have been referring to, and what Paul has been referring to, are all one and the same

There is a big difference between what paul claimed was the truth and the actual truth. I would call that a lie.

What we know so far is about 1 week ago AOL blocked all servers on the internet that did not have reverse DNS setup, We have added the reverse DNS and are working with AOL to be removed from their block list.

This has effected a lot of providers not just VO.

He's claiming that they're suffering from a non-existant "reverse DNS" issue and from having been added to the block list.

Is he really expecting anyone to believe that a lot of providers have been added to AOL's block list, and also suffer from a non-existant problem?

And then he argues with geeksrus that it was only a "reverse DNS" issue, and not a problem with being added to their block list. A "reverse DNS" issue, which does not appear to be fact, but which the entity known as dcsnetwork, and justin take for fact.

There is a big difference between being added to a block list, providing the "wrong" name of your mail server during an SMTP session, and not having "reverse DNS" set up. A layman might think that they're one and the same, and that's why paul's lie was probably accepted so easily by most.

I think that some here may be blinded by their biased devotion to VO.

I'd still like to see geeksrus state why he "knows" that VO received valid notification that those sites were advertised by spam, and that they did nothing to stop it.

But that's just me.

I have returned, yes, due to the request of someone else. No names, since they're staying with VO at this point, for whatever reason.

Thread at the VO forums, which has been edited. I can only guess that one of the edits in this thread is a removal of the link to this thread one at WHT. The other might be a list of IPs that are blocked, based on responses from Paul and Bailey.

http://www.venturesonline.com/forums/showthread.php?threadid=3481

In a nutshell, a user on zerowing.vosn.net is finding their mail blocked at Freeserve, a UK-based ISP. Both Paul and Bailey tell lthe user that Freeserve's list is outdated; Bailey says the answer is to get Freeserve to update their lists.

My question, and the same question that others will ask - the same questions that VO has yet to answer: what is VO doing about their spam problem? Winding up in the blacklists is not an immediate type of thing. It takes repeated complaints and inaction for providers to wind up there. As Pete, the poor guy in the thread above comments in his last post (at this writing), "Bailey your post almost suggests the problem is nothing to do with VO. I don't spam, therefore I don't expect to be affected by *other peoples* spam. Whether Freeserves lists are old or whatever, it doesn't matter, the problem is happening, end of story."

Mark, I'll see about digging up some of those complaints for you. There are several people who post to NANAES who copy their posts to that group to the contacts they list within the body of their message. Something else of note is that VO is listed at rfc-ignorant.org for the vosn.net domain, which, if listed there too long, will result in blacklisting by at least two mail admins I know, as it means the provider has no intent to handle incoming complaints.

This is just a quick run, grabbing a couple of recent items.

racing-forums.com: April 9, 10 (both listed below were reported to VO)
still in VO space at 209.197.233.205
http://groups.google.com/groups?hl=en&q=racing-forums.com&btnG=Google+Search&meta=group%3Dnews.admin.net-abuse.sightings


stocktalkreport.com: specific complaints to VO
still in VO netspace at 209.197.228.33

http://groups.google.com/groups?q=stocktalkreport.com+group:news.admin.net-abuse.sightings&hl=en&scoring=d&selm=OE43nYsDCScndAx7Fqx00001ca3%40hotmail.com&rnum=2

http://groups.google.com/groups?q=stocktalkreport.com+group:news.admin.net-abuse.sightings&hl=en&scoring=d&selm=OE8wt0Rvw9yhMTnCxk400018e3b%40hotmail.com&rnum=5

This one indicates that the spam went right through one of VO's servers, as well, so it isn't as if it's difficult to tell that this one violated VO's own spam policy even if this one does not specifically indicate it was reported:
http://groups.google.com/groups?q=stocktalkreport.com+group:news.admin.net-abuse.sightings&hl=en&scoring=d&selm=z200207514472505%40truffula.sj.ca.us&rnum=6

This one shows the same thing and has a spamcop report, although because it's older than 30 days(!), the report is not available for viewing:
http://groups.google.com/groups?q=stocktalkreport.com+group:news.admin.net-abuse.sightings&hl=en&scoring=d&selm=20020315174622.5E9C997004%40bolero.rahul.net&rnum=10&filter=0

This one sums it up rather nicely (Apr 3):
http://groups.google.com/groups?q=stocktalkreport.com+group:news.admin.net-abuse.email&hl=en&scoring=d&selm=a8fhfl%24inp%241%40samba.rahul.net&rnum=1

Plus miscellaneous entries for mommytips.com on the 8th/9th of April - those were probably listwashed by the enduser. They certainly were not removed, since the domain is still in VO netspace. And others. If VO is still using any Verio netspace in their assignments, there are even more than just using the blocks SWIPed to VO.

Now, to any host: how long does it take you to remove a spammer once you have been notified that they exist on your systems? I know that most hosts do not lift almost the entire MAPS information for their policy page as VO did at http://www.vosn.net but I do expect that whatever policy is posted will be followed to avoid legitimate email being blocked.

I think GeeksRUs has made some valid and reasonable points and don't see him as a troll. I think he worded his posts well and got the point across. He's obviously not happy and is being blunt about it. I can see him being upset with being lied to.

However, on the other side of the issue, is what Paul stated. Was this in regards to that very same issue, or maybe Paul just thought it was, or maybe he thought it was in regards to the rDNS issue he had heard? I mean to say, did he "lie", or perhaps he just didn't have enough information? What I mean, to be more clear; is perhaps Paul is more in sales and it's possible he stated that out of not knowing the technical aspects of it? Or, again, perhaps he was talking about something else -- and even more strongly of what I meant about not enough information, is that Paul and other's were hearing a lot of people (Apparently in the Cpanel forums) complain of this same problem, so he stated what he thought was true or most likely the cause based on that. In which case, perhaps he didn't know it was a blacklist issue or that you were even talking about that, or that it was actually the case. In which case, he posted perhaps invalid or inaccurate information or assumed based on all the other hosts' problems that this was the case and should have checked -- or should have made sure he didn't respond with that reason to a blacklist question (and so on -- i.e., thought maybe you were wrong, based on the information he was hearing), and that it wasn't an intentional foul. This is just an assumption.

What I'm trying to say, is that I've spoken to Paul on occasion, and I've seen how he acts and deals with things, and I don't get the impression that he'd flat out lie like that, so perhaps it's a misunderstanding? I mean, if it was Daniel, than that's different -- I'M KIDDING PEOPLE!! *L* Seriously, perhaps this was just a misunderstanding. I'm not going to pull one of those "Can't we just all get along" and go run away screaming because I can't handle reading anything that's not about puppies, fluffy clouds and sunshine, but this just seems a little out of place. I'm not defending anyone and I'm certainly not a mindless person that will get angry, I think you make valid and good points. I just don't know if your claim or assumption that Paul had the intention to lie to cover up the issues and still host SPAMMERs, is very accurate. But what do I know. I'm not commenting on the sites being hosted there, I'm not sure why they are, but just about the assumed intentions of people, is all.

On the other-other hand, I'm not sure why the sites mentioned above haven't been removed that are still hosted on their network either. I also didn't read those usenet postings, I can't be bothered, I get enough Usenet as it is. I'm a little confused by this because this is a little unusual, but I think everyone has some valid arguments here and perhaps I'm just a little disillusioned or something by it. I have also seen IP's get blacklisted, and for no reason, even stating they are an open relay when they aren't. I'm not saying they weren't blacklisted due to having many SPAM sites and not taking action though or that it was unfair or a mistake -- this, I don't know. I'm also not familiar with all the RBL, etc. services either, since there's so many. But my point was, that I have seen how people are unfairly added to lists, and how difficult it can be to get off of them -- again, I'm not saying that's the case.

Conversely, assume this, you run a host and kill SPAM sites and accounts within a minute of a report, and the people that blacklisted you are also rude and act like you support SPAMMER's, I wouldn't be kissing anyone's ass and allowing them to speak poorly of my company, when I took all the actions I should have. I'm not saying that's the case (how many times could I possibly say that in one thread? Not that I'm saying that's the case, mind you. :-) I've been at odd's with RBL's before, because they didn't have a clue what they were doing. Of course, I also never had a SPAM be sent out from my server either. I'm also not talking about netblocks, or classes, but individual sites, so I'm sure this situation is different, as is the RBL in question. I don't even know why I brought that up, other than to say, while I agree this is serious and should be dealt with immediately (if nothing else, just to ruin a SPAMMER's day), but that I'm all for removal of SPAMMER's and I don't see pissing off a company is going to make them run to go comply with your demands -- although maybe they should based on the information (I would have and would by now -- I hope they are, for whatever reason -- if nothing else, to at least have this thread make them see it's not just a random complaint and that that's all they needed to take action?)

Now, as right as your comments might be GeeksRUs, you have to remember that your harsh accusations, albeit perhaps justified, aren't going to resolve anything. I think everyone knows that and why some people claimed you were trolling -- since you knew you were moving hosts and were going to post this information anyway. Perhaps you should have, or not. I don't know or care, and I'm not saying you were wrong -- but it's likely not going to motivate anyone (not that I'm saying people should slack off if they are offended and not take responsibility -- so I don't know why I said that either -- I'm being too nice today, I think (yes, you should see me in a bad mood -- I really type then!)).

I guess I'm having more trouble than I thought I would in my response trying to express my opinion here, but other than the lack of (now) immediate action once this was brought to VO's attention, I don't get the impression that it was a lie to give SPAMMER's a haven on their servers. I can't say why those sites were up at the time of your posting, and I hope if they are SPAM sites/accounts that they are terminated ASAP, but I just don't get the overall impression that it was a lie and not with the intentions you claim or suggest. But, what do I know, I am known to go off myself about things I feel strongly about too. I just hope it all works out, because I friggin' hate SPAMMER's more than anyone, so don't confuse what I say here to mean I have a low tolerance, and I'm a little disappointed that these sites weren't killed long ago, if not as soon as the newest posts were read. Let's hope they are confirming these complaints are genuine and true and are just gathering the information to kill the accounts. After all, it's not even been 24 hours yet (not that I'm saying it should take that long), but you do have to verify it or risk being liable in a law suit. So, I wait, like a vulture.

[Edit; lots of it]

Tim, with all due respect, it's very difficult to determine what exactly you're saying here. I believe you are confusing two very different issues, both of which caused me to find a new home. The only reason I posted this here is because VO refused to leave my posts on their forum, despite the fact that I was (and still am, until I cancel my account) a paying customer, with an incredibly valid concern. The reasons I cancelled my account were Paul's absurd claim about AOL blocking "every server on the intenet without reverse DNS" (the lie that's referred to in all of this) and VO's failure to deal with their spammers to the point where VO has found its way into various blacklists and SPEWS (which has nothing to do with lying, as both parts are easily verifiable). Killing sites after having a customer bring up the fact that reported spam sites are still around is not my idea of acting responsibly.

The others who accuse me of trolling are displaying a remarkable immaturity while simultanously not grasping the technical issues here - some of the posts trying to deal with the red herring of the AOL issue are proof of that. All of this is not because I don't like VO. I do - or, rather, I used to, before it became clear how disinterested they are in acting responsibly so that their clients do not suffer consequences for other peoples' actions. I used to recommend VO to people, but in good conscience, there is absolutely no way I can do that now. I do think that if this were another host, or if I had started the thread without giving the name of the company in question, the reaction would have been very, very different.

Originally posted by GeeksRUs
Tim, with all due respect, it's very difficult to determine what exactly you're saying here.


No offense taken. I got that impression from ME, as I typed it -- if that helps put it into perspective. I guess I was trying to say that Paul isn't that type of person, yet I am not going to act like I'm happy to hear that the sites are still there. I attempted to explain, perhaps, some different scenarios about why you might have thought Paul lied and had poor intentions, when he perhaps genuinely thought he was covering the questions with the correct information. Heck, I don't know. I edited my post above a minute ago, to try and word my statements more clearly. It's about 5:30 AM and I've been up all night, so don't try and make too much sense out of what I say.


I believe you are confusing two very different issues,


I'm not sure I am, but perhaps it's just the confusing way I worded my previous post, which I hope the editing cleared up. But, we'll see.


both of which caused me to find a new home.


Yes, I can understand that, completely. Did you post this here to warn people, or because you were pissed off about them not taking action, not taking you seriously or perhaps because they edited or deleted your posts on their forums, so you did this because? That's not a sarcastic remark. I think this is a great thread, and a great subject to bring up. It's important that this be a big deal for web hosts to take action on. Just like they don't allow even a single user to consume too much resources on a shared server in the best interests of all user's on the system, they also need to realize that this same logic needs to apply to network policies to prevent all user's in a class of IP's (or even on the same server) to not suffer in any way, shape or form, due to the abuse of another user on the server/system or entire netblock/class. I hope that makes it clear that I do understand and understand the ramifications and importance of this. I was simply trying to suggest that perhaps there was some confusion by other people, and that Paul didn't literally "lie", but perhaps provided misguided or misinterpreted information about what he thought you were talking about, or what he thought was the problem, based on the reasons I suggested in my above post. I am, however, just guessing.


The only reason I posted this here is because VO refused to leave my posts on their forum,


I understand that, but I was simply suggesting why people might get the wrong impression about why you decided to come here. I'm enjoying this, and I don't mean it in a way that I enjoy people being flamed or whatever, but just because I'm glad to see an issue like this brought up and get the attention it should. Perhaps hosts can learn from this. Perhaps that was your intention?


despite the fact that I was (and still am, until I cancel my account) a paying customer, with an incredibly valid concern.


I agree. I'd have been pissed. I would have (and I have) done the same thing. People aren't going to like it. I see this as exactly what it is, I am confident you understand that by now. I wasn't trying to bring this off topic into some social survey, but just suggest that this doesn't fit Paul's personality. I'm not Paul's best friend, I'm not and have never been a VO client. In fact, at some point, we had quite a big issue going on, but they do and will work things out and my situation, I felt, was even worse (not because of anything they did -- it's hard to explain), and they worked it out amicably. I hard some issues, and there was a lot of unneeded extra's going on, like this thread, when it could have been approached differently. I ended up apologizing for not bringing the issue up in another manner even, and I never do that, but they turned out to be decent people. This is why it just seemed out of place, not to say your argument isn't valid.

Your argument is completely valid -- I just don't think there's a reason, or any proof (is there?) that Paul flat out and intentionally lied, but that it was more of a mistake. I'm not trying to guide or correct your words, wording or attitude or how you're going about this (I'm the last person to have that right, believe me), but although this is serious and valid, that one claim he lied, did bring up another aspect that was unneeded, unproved (I think!?) and that was why people got on your case -- and that tends to defeat your purpose and dilute the thread by way of pollution. It causes confusion and arguments about a simple issue. I would have just preferred it to be on track and cover just the issues you've been stating, is all I'm trying to say, because it's interesting and it needs to be said (for the sake of a lot of hosts).


The reasons I cancelled my account were Paul's absurd claim about AOL blocking "every server on the intenet without reverse DNS" (the lie that's referred to in all of this)


But I'm still not seeing any substantial grounds for that and it's just putting people off on an otherwise real and unarguable topic, which defeats the purpose. But, rather than discuss my view about it, I'll not go on about that and defeat my purpose. I just wanted to see how you knew that Paul was lying? Is this unarguable, or are you willing to just investigate that a little, to be able to know for sure it's true or not, give him the benefit of the doubt or not, and then move on to the real issue here -- the failure to remove the SPAM sites after so long.


and VO's failure to deal with their spammers to the point where VO has found its way into various blacklists and SPEWS (which has nothing to do with lying, as both parts are easily verifiable). Killing sites after having a customer bring up the fact that reported spam sites are still around is not my idea of acting responsibly.


I agree, I find this surprising. If nothing else, perhaps the only complaints were in the very low double digits and they didn't know how serious the problem was with some of these sites? I didn't read the thread. Was it hundreds, or thousands of complaints? Maybe 50, or 20 even? E.g., if it was only a few days of complaints based on one SPAM session a few days before and they couldn't verify it was the site involved or an act of a competitor, etc. I'm not "reaching" for any excuses, I just don't have time to read all those usenet postings to know. If they are valid, perhaps that's all VO needed and they are going to act on it soon. I don't pretend to know why they didn't immediately then, or even immediately based on the threads mentioned in this forum. Did these people have any newer complaints since those original one's you posted in the news groups? (i.e., a site spamming SINCE November, still?) I'm just curious, is all.



The others who accuse me of trolling are displaying a remarkable immaturity while simultanously not grasping the technical issues here - some of the posts trying to deal with the red herring of the AOL issue are proof of that.


I agree, it happens, it's the Internet. I see you are handling it fine.


All of this is not because I don't like VO.


I realize that. Perhaps if you explained why you intentionally brought this issue to the WHT boards, people might understand?


I do - or, rather, I used to, before it became clear how disinterested they are in acting responsibly so that their clients do not suffer consequences for other peoples' actions.


Right, you don't like them now, based on lack of action, concern and the bullish attitude you get, and still lack of response and then being referred to as a troll. I think that was (on this board at least) the result of calling someone a liar, otherwise it would have turned out differently. But, again, I don't know the case. Can you tell how I am interested in debates too? :-)


I used to recommend VO to people, but in good conscience, there is absolutely no way I can do that now. I do think that if this were another host, or if I had started the thread without giving the name of the company in question, the reaction would have been very, very different.

I understand completely. Hopefully VO is already in the process of taking any appropriate actions. I just hope this isn't about some site that SPAMMED late last year and perhaps never did again, or something... because that might not be relevant depending on the circumstances. Hopefully everything will turn out okay, because once again, I really despise SPAMMER's.

Now I know why I use Jag for my main site :)

I have other sites - hosted elsewhere (NOT VO) - that are prone to having outgoing mail blocked because of the problem Geeks is mentioning.

It's a mild problem for me because I'm not too fussed by it as I don't really need the mail service that much.

I would imagine that if it was important to me and I couldn't reach customers because my host was indifferent to the problem, I would be a bit ticked off and would probably switch hosts.

However, considering that there's a whole bunch of junk hosts out there, this musical chairs phenomenon is getting quite tiresome.

If VO has such a reliable network and top level support, then it would really be cool if they went a step further and cleared their house properly - heck !! It could even become a SALES point.

I - for one - would make use of Geeks services if I was running a hosting business (ponder ponder ponder)

Originally posted by Tim_Greer
[snipped a great deal, here and in other places through the post]

Yes, I can understand that, completely. Did you post this here to warn people, or because you were pissed off about them not taking action, not taking you seriously or perhaps because they edited or deleted your posts on their forums, so you did this because?

I posted it for the reasons I stated. I am not the only person who has had mail blocked; I am not the only person affected by this. VO did not and would not adequately address the issue, and removed my posts from their forum when I brought it up. That strikes me (a paying customer) as a lousy way to treat people. I'm not pissed or otherwise agitated except in that I am severely disappointed that this issue is not treated with more gravity by VO. After all, their very business relies on connecting people to one another. It's clear to me that they do not as yet have a handle on understanding this and that they do not appear to want to even try, either. I base that on their response to me over the past couple of days and their responses to people in the net-abuse groups over the past several months.



[snipped]I hope that makes it clear that I do understand and understand the ramifications and importance of this.

I had no doubt that you understood the implications. I was not sure if you were understanding the two distinct issues that I had raised, but it is clear that you do.


I was simply trying to suggest that perhaps there was some confusion by other people, and that Paul didn't literally "lie", but perhaps provided misguided or misinterpreted information about what he thought you were talking about, or what he thought was the problem, based on the reasons I suggested in my above post. I am, however, just guessing.

Now, this is a misunderstanding, and I'd like to clear this up right away. Someone posted that their mail to AOL had been rejected, with one of the standard boilerplate reject mesages, and posted as much in the VO forums. Paul then posted, at the VO forums, the line that I've quote previously about AOL. I then posted there and said that what he claimed was untrue. I do not see from that how it could seem that he could possibly have misinterpreted what I was referring to, then or now. He chose to focus on some tangential issue about how VO setting up reverse DNS on a server meant that it wasn't AOL blocking them for spam. That, however, is not relevant, as it was not the topic under dispute at any time. His claim, no matter how you look at it, is untrue, and not one person has been able to show that AOL, last week at some magical moment, starting blocking every "server on the internet without reverse DNS". As you might have guessed by now, I don't look too favorably upon people who mislead (or attempt to mislead) their customers. When pressed about it, VO took the wrong path: they deleted the entire post, plus two others. It would have been very easy to rectify that right then and there.


I understand that, but I was simply suggesting why people might get the wrong impression about why you decided to come here. I'm enjoying this, and I don't mean it in a way that I enjoy people being flamed or whatever, but just because I'm glad to see an issue like this brought up and get the attention it should. Perhaps hosts can learn from this. Perhaps that was your intention?

I had no doubt that people would get the wrong impression, or that people would turn to attack me, and said so. This forum is a microcosm of certain types of psychological behaviour. I certainly hope hosts can learn from this, but that was not my primary intention. Most hosts do not have this particular problem, because they do not ignore the issue until it snowballs into SPEWS.


[snipped]but just suggest that this doesn't fit Paul's personality.

Be that as it may, VO and other hosts have shown exactly this type of behaviour when confronted with a situation where they should (but do not seem to want to) shoulder the responsiblity. Various VO reps have shown a quite haughty attitude when dealing with issues, and this one is no exception. This is not an issue of some seemingly disgruntled client waltzing in to the forum or a newsgroup with a ream of complaints where they think the host has failed and the host steps up gamely (but nicely) and addresses those issues. Out of all of the hosts who have done this last, I believe Matt (of Site5) and Annette (of Hosting Matters) show how issues can be addressed by hosts willing to take the time to do it. Other hosts could learn from that, no matter where the balance lies in the issue itself. That is a topic for another discussion, however.


and that was why people got on your case -- and that tends to defeat your purpose and dilute the thread by way of pollution.

It probably does, but you can't stop people from going off on their own little path into the underbrush. I consider myself accountable for my opinions, though, and it does not matter to me if people try to nitpick something to death. Something like this really is indefensible, though. I'd have accepted an apology from VO. Unfortunately, they do not appear to recognize that their own actions have consequences.



I just wanted to see how you knew that Paul was lying? Is this unarguable, or are you willing to just investigate that a little, to be able to know for sure it's true or not, give him the benefit of the doubt or not, and then move on to the real issue here -- the failure to remove the SPAM sites after so long.

It isn't inarguable. If anyone can show that last week, AOL blocked every server on the internet without a reverse DNS, I'll be happy to see it.



I agree, I find this surprising. If nothing else, perhaps the only complaints were in the very low double digits and they didn't know how serious the problem was with some of these sites?

How many does it take? Does Jaguar give spammers a second chance? A third? VO's policy says this: "UCE / SPAM Policy
The abuse and misuse of e-mail is a serious problem, and we will not tolerate it." I do not equate spammers remaining on a network with any sort of intolerance. VO's policy further says: "We strive to maintain favorable business relationships in the Web community and obviously will not allow any practice that threatens these relationships." VO has failed to stifle those practices that are harming VO's relationship - and therefore its customers' relationships - to the Internet community at large. That they are in blacklists and SPEWS says as much.


Did these people have any newer complaints since those original one's you posted in the news groups? (i.e., a site spamming SINCE November, still?) I'm just curious, is all.

This is something that a lot of people do not understand about spam and blacklists. Postings to NANAES are used as a tool to demonstrate, for the purpose of private blacklists, the way in which providers handle spam complaints. If you reach a certain threashold, it does not matter at all how many more complaints you receive about a site, because by then you're in the blacklist and quite a few people are no longer receiving the email to complain about it. If I see complaints about a site from March 16 and the site is still alive at the same host on April 9 in other complaints, it is clear the host doesn't care that the spammer is still alive on their network. The people that suffer when hosts do not remove spammers are not the spammers. It is the customers who might share netspace with those spammers, who have done nothing other than use their account in accordance with whatever AUP the host has in place.


Perhaps if you explained why you intentionally brought this issue to the WHT boards, people might understand?

I believe I've done that. I do not think some people will ever attempt to understand, until it's too late and they find themselves affected.

Originally posted by Antgear
I - for one - would make use of Geeks services if I was running a hosting business (ponder ponder ponder)

Hmm. I wonder how secure I'd feel working with someone who's quick to slander me at the first sign of trouble or disagreement.

To paraphrase the Immortal Bard: "Methinks he doth protesteth too much."

<EDIT>
Ooops, I said I was butting out. Forgot.
</EDIT>

Originally posted by alchiba


Hmm. I wonder how secure I'd feel working with someone who's quick to slander me at the first sign of trouble or disagreement.

To paraphrase the Immortal Bard: "Methinks he doth protesteth too much."

First, it would not be slander since it is written and not spoken. Second, please point to any libel I have posted, about anyone. Third, your quote really makes no sense in this context.

Imagine being tim greer's kid if u came home with a bad report card... each grade would be quoted with a huge paragraph after it explaining 35 reasons why you should have gotten an a ;)

-Brendan

Look - I've always appreciated the ability to stand up for what you believe in. Yes, Geeks may be a bit over the top and may have erred a bit but the gist of the argument is sustainable.

If his main concern can be answered in a reasonable manner instead of the old smoke and mirrors tactics currently in use, then I figure he would be a happy camper and all would be quiet on the western front.

I've had enough experience with hosts that glibly evade the issues at hand because they're simply too inept or unconcerned to give a hoot.

Originally posted by GeeksRUs
First, it would not be slander since it is written and not spoken.

Thanks for pointing that out, as the penalties for libel are more severe.


Second, please point to any libel I have posted, about anyone.

Right here in this thread you have smeared at least one reputation by by calling certain people liars and accusing a company of "harboring" spammers. Both charges require proof of intent. You haven't provided any such proof.


Third, your quote really makes no sense in this context.

I'm sorry the meaning escapes you.


I'm not here to argue, but I think you've made your point and you're belaboring the issue. As I said before, your considerable talents and energy could be better applied.

I believe GeeksRUs should have started in proper / formal way. He started off too strong in the beginning which've directed the path of this matter in wrong way.

In the meantime, go on. Please go on. It's entertaining thread to read to kill some time. And I got to see Tim Geer's posts as well, what a lucky day I have here. :rolleyes: :cool:

As a "layman", I feel like I'm drinking from a firehose on this issue. I'm trying to understand it from a practical perspective as a shared host customer. Could someone tell me if these interpretations are correct?

Here's what I think I'm understanding:

1) If your specific ip, or your ip is within a range that shows up in the SPEWS list, any server in the world that subscribes to the list will either:

a) bounce the email I sent to them with an explanation or

b) blackhole it or

c) flag as possible spam but let it go through. In this case wouldn't most folks set a filter to direct these flagged emails into their spam folder? In other words, the chances of them missing my email goes up because mine is buried in the real spams that slipped through that day?

2) Per the spews.org page:
"SPEWS can be used to build router or firewall "reject" lists, used to deny any packet traffic to SPEWS listed areas."

This seems to be saying that a subscriber to SPEWS could deny people in their organization from seeing my website if my ip is in any blacklisted range.

3) From my reading of the usenet postings listed earlier in this thread, if a host ticks off an administrator via a post on usenet then SPEWS may be the least of the problem. The SPEWS faq says that the block will be automatically lifted in time if the spam from a host is handled diligently (although there is no direct way of doing this except leniency might be granted through a post to NANAE). However, there seems to be a way out of SPEWS eventually.

But, for example, an administrator for a mid size company could just toss a range (that my ip happens to be in) into their permanent block file and that's the end of it. And I'd never even know whether I was being blocked or not.

4) Lastly, I'm confused on the "granularity" of the ranges that show up in the SPEWS list. For example, I typed my IP into the "lookup record" box and got a "This was NOT found in SPEWS" reply. I know that "part" of my host is listed in SPEWS based on an evidence file posted on usenet. It appears this means that if a spammer hosts on the same "space" as me and my host gets put on SPEWS that I'll automatically get blacklisted as well.

So the entire host's range doesn't get listed but someone moving into my neighborhood (on my server ?) could get me innocently banned (as Mr. GeeksRUs posted). More to the point, how worried should I be about all this from a practical standpoint? If the host has been lax in the past but I suspect they'll be more vigilant in the future, odds are that I shouldn't blow this issue out of proportion and check SPEWS every day to see if I'm on it, right? Of course I could just move but theoretically it could happen on any host that I went to so that's why this question is coming up.

If the interpretations above are true, I'm concerned about this issue because my customers are mainly on corporate servers where it would seem that the admins should be more vigilant (strict) on spam issues. I can deal with bouncing emails by using another account but not if they're blackholed or if my site is going to be blocked.

In summary, the SPEWS site is very well written but I couldn't glean an answer to whether my site could be blocked and how many admins in the real world go as far as I'm describing. Please feel free to provide a link if you feel this has been answered from adequately somewhere else.

Thanks. Sorry for the length.

Originally posted by alchiba

Right here in this thread you have smeared at least one reputation by by calling certain people liars and accusing a company of "harboring" spammers. Both charges require proof of intent. You haven't provided any such proof.


Maybe I am imagining things, but all I saw in this thread is proof and more proof on GeekRUs side, and then some more evading and SPIN propaganda taken by ventures online, and their followers.

EDIT: Fixed the bold tag

Well I was speaking from my end. I have never in the time I've been with them had any problems with email being blocked, and neither has those under me. I send 5-20 messages myself, everday to different places, and no problems. That is not being biased, thats not anything other then the fact. ;)

Originally posted by IceBlaZe
evading and SPIN propaganda taken by ventures online, and their followers.

Yes, I'm a customer but I'm also quite agnostic. There's no emotional or spiritual attachment here. They do right by me and in business that's what matters.

Spin and propaganda happen everywhere everyday. Read the papers. Watch TV. Attend a rock concert. Even the cartoons my kids watch are full of "perspective".

But that doesn't amount to lying and it's not enabling wrong-doers. It may not even be deceptive. What is more distressing is the strident and excessive rants by individuals who are empowered to be more than just innocent rubes, helplessly whining and bashing in public.

Okay, that's as much advocacy as I'm willing to hand out without being on VO's payroll.

We just go on and on and on....with a topic on which the opinions were long ago expressed and clearly no resolution or agreement will be reached here, in the WHT court.

Why can't we just present opposite views, state our points, and let it go? Why do threads have to become a long argument leading to nowhere? Do we think there's going to be a vote taken and one or the other party awarded the victory?

Just questions I pose....no answers.

But, I pose them because I just come here for knowledge, sharing of ideas, and discussion. And, more and more, we are getting away from that, into negative threads, long arguments, taking shots at competitors, demeaning others work, and promoting our own agendas.

<Getting off soap box...heading to a short, succinct thread>

I am ignoring this thread (well, so far as not responding to any of the questions ;) LOL) as suggested on page... 3? 4?

If GeeksRUs wants answers, he's been told who to contact, and how. *shrug* End of story.

</DCSN>

Aww, did I kill the thread? :bawling:

Originally posted by sleon
As a "layman", I feel like I'm drinking from a firehose on this issue. I'm trying to understand it from a practical perspective as a shared host customer. Could someone tell me if these interpretations are correct?

Here's what I think I'm understanding:

1) If your specific ip, or your ip is within a range that shows up in the SPEWS list, any server in the world that subscribes to the list will either:

a) bounce the email I sent to them with an explanation or

b) blackhole it or

c) flag as possible spam but let it go through. In this case wouldn't most folks set a filter to direct these flagged emails into their spam folder? In other words, the chances of them missing my email goes up because mine is buried in the real spams that slipped through that day?

What a sysadmin does with the information in SPEWS list is entirely up to the sysadmin in question. All of the possibilities you mention are valid, but it is impossible to predict how much mail you send would be lost, because it dpends on where you send it, and the policies in effect at those locations.


2) Per the spews.org page:
"SPEWS can be used to build router or firewall "reject" lists, used to deny any packet traffic to SPEWS listed areas."

This seems to be saying that a subscriber to SPEWS could deny people in their organization from seeing my website if my ip is in any blacklisted range.


Most policies set by sysadmins would be to reject/drop connections from the listed IP address(es) to the sysadmins network, and usually only email related, so, while it is possible in some cases for users on that sysadmins network to be prevented from accessing your web site or sending you mail, that is unlikely to happen.


3) From my reading of the usenet postings listed earlier in this thread, if a host ticks off an administrator via a post on usenet then SPEWS may be the least of the problem. The SPEWS faq says that the block will be automatically lifted in time if the spam from a host is handled diligently (although there is no direct way of doing this except leniency might be granted through a post to NANAE). However, there seems to be a way out of SPEWS eventually.

But, for example, an administrator for a mid size company could just toss a range (that my ip happens to be in) into their permanent block file and that's the end of it. And I'd never even know whether I was being blocked or not.

If an administrator does throw your IP block into their block list, you may not ever know about it, you may see some symptoms, but not know what the reason for rejection is, you may be able to contact the administator in question and get them to remove you, or you may not. The best idea is for you, your ISP, and/or your ISP's other customers to behave in such a manner that you never draw negative attention from sysadmins that may or may not arbitrarily block your IPs. A diligent ISP or host can monitor RBL lists, server logs, newsgroups and other things to get early warning that some of their IPs have attracted or are attracting negative attention, and take steps to head off further trouble, but if an administrator out there somewhere gets mad enough, there may be no way to ever get back into their good graces.


4) Lastly, I'm confused on the "granularity" of the ranges that show up in the SPEWS list. For example, I typed my IP into the "lookup record" box and got a "This was NOT found in SPEWS" reply. I know that "part" of my host is listed in SPEWS based on an evidence file posted on usenet. It appears this means that if a spammer hosts on the same "space" as me and my host gets put on SPEWS that I'll automatically get blacklisted as well.

So the entire host's range doesn't get listed but someone moving into my neighborhood (on my server ?) could get me innocently banned (as Mr. GeeksRUs posted). More to the point, how worried should I be about all this from a practical standpoint? If the host has been lax in the past but I suspect they'll be more vigilant in the future, odds are that I shouldn't blow this issue out of proportion and check SPEWS every day to see if I'm on it, right? Of course I could just move but theoretically it could happen on any host that I went to so that's why this question is coming up.

You are correct, It could happen to any host. It is less likely to happen with vigilant, prudent, well-run hosts, but that is no guarantee. You can use your own RBL checking scripts, watch newsgroups, and generally do many of the things a diligent host may do to get early warning of problems, but the host is probably in a better position to see whats going on.


If the interpretations above are true, I'm concerned about this issue because my customers are mainly on corporate servers where it would seem that the admins should be more vigilant (strict) on spam issues. I can deal with bouncing emails by using another account but not if they're blackholed or if my site is going to be blocked.

In summary, the SPEWS site is very well written but I couldn't glean an answer to whether my site could be blocked and how many admins in the real world go as far as I'm describing. Please feel free to provide a link if you feel this has been answered from adequately somewhere else.

Thanks. Sorry for the length.

In summary, It is a concern, there are no guarantees, there may be no solutions (other than switching hosts), but being vigilant, acting like a good neighbor (and having your neighbors do the same) and working with a host that understands the issues, and knows what to do will go a long way towards preventing any problems with black-lists. For the most part, black-lists only deal with IP blocks that have attracted a LOT of negative attention, or are seriously broken, such as open relays. SPAM may or may not be the reason for attracting negative attention also. Port scans, intrusion attempts, broken DNS configs, viruses/worms can all contribute to getting a sysadmin somwhere extremely pissed at you or your hosting provider. Most administrators are people though, and as such are often found to be reasonable, so there is hope. (There are only a couple of small netblocks that have gotten me pissed enough to permanently block them, and they are going to have to come up with a GOOD incentive, such as lots of money to get me to remove them from my block list.)

I think something good is coming of this thread.

So for those of us who *suspect* some spammers may be sharing out space at our hosts due to emails bouncing back and not being delivered, but are not experts in this field, where do people suggest we go to read newsgroups--which ones are best to find out about which hosts are being blacklisted, etc.?

valuable questions for those of us non-experts ;)

Thank you, elsmore1. Exactly the info that I was looking for.

Btw, hope your block removal venture yields an early retirement :).

Originally posted by Incognito
We just go on and on and on....with a topic on which the opinions were long ago expressed and clearly no resolution or agreement will be reached here, in the WHT court.

Why can't we just present opposite views, state our points, and let it go? Why do threads have to become a long argument leading to nowhere? Do we think there's going to be a vote taken and one or the other party awarded the victory?

I know that a lot of the posts have no definite answers and things are seldom resolved. But I'm hoping that this thread is open long enough for paul (or someone fromo VO) to state why those sites are still on VO's network.

Geeksrus has pointed out the threads that should indicate that VO was notified that those sites were spamming. I, in truth do not have the time to read them to verify. They're way long, and there is a lot of irrelevant information in them.

Will we hear this information from VO? I don't think so. It may even violate some privacy policy with their supposedly spamming customers.

I don't know, but to read elsmore1's post (and other sources) this whole spam/blackhole thing strikes me as quite arbitrary and bizarre. We seem to be at the mercy of geeks with attitudes who really have no accountability. The entire concept seems ad hoc and anarchic.

The guy has a valid point and I appreciate him posting info about Ventures Online. He probably saved me and others some trouble since I was considering signing up with them. I won't bother with them now because no host should remove a post off their bulletin board under the above scenario. Also, they should take the spam issue more seriously. Sounds like excuses or disconcern to me.

DCS: I tried to get VO to address this. They refused to address it, preferring - it appears - to attempt to hide it from plain sight by having me call them instead of simply dealing with the problem.

alchiba: Paul stated an untruth. This is a fact, unless he can back up the claim that he made. VO harbors spammers. This is also a fact (see below). I'm surprised that someone who has been very levelheaded in other threads refuses to accept what is placed before you. That is not germane to any of this, however.

sleon: elsmore gave a very good response to your various questions. He is correct in that most mail administrators are quite reasonable. They understand, as most people do, that spammers will be whacked only to pop up again. This whackamole situation is well known, and it is something that people live with because they have no choice. What they do have a choice on, however, is fighting back in the only way possible: by blocking mail delivery to their servers from providers who have shown themselves to have a poor attitude toward keeping their netspace clear of spammers. Other mail server administrators are under no obligation to accept email from anyone else. It is done because that is the way we got where we are today. If a provider abuses that, or does not respond effectively to issues within their netspace, they run the risk of falling into blacklists. As he also points out, if a provider becomes abusive with those who report spam or those who use the blacklists, that provider is very likely to slip into private blacklists so deeply that they will never see the light of day again.

bully: as elsmore points out, it really is not the client's responsiblity to try to monitor the abuse world. There are probably very few out of the thousands and thousands of hosts who even do this. On the bright side, it really isn't necessary that either party do this. Providers are judged (in the abuse world) by how they handle complaints when those complaints reference something in their netspace. If they fail to act, and the abuse goes on for some time, the client will feel the effect. If enough clients act as one, that might - might, not certainly - force the provider to act or risk losing legitimate business. If you want to see current topics, news.admin.net-abuse.email (NANAE) is the place to go. The noise ratio can be fairly high, but there is good information to be found there as well. If you are interested in seeing what sort of spam is being sighted lately, news.admin.net-abuse.sightings will show you. This group is used not just to show who the daily spammers are. It is used as a barometer for blacklist maintainers to spot those providers who are not diligent about dealing with their issues.

Mark: I know those links are hard to go through. However, most of the items in NANAES look like this one.
http://groups.google.com/groups?selm=OE29IW7lJDoWuZMWIGT0000d9da%40hotmail.com&output=gplain

Here is an excerpt from that. It cannot be more clear that this is a formal complaint, since the recipient is specifically asking VO to remove the site.

> Please remove this spammer
>
> Re:209.197.228.33 (Administrator of network where email originates)
> To: ipmanager@venturesonline.com (Notes)
>
>
> Re:Forwarded Spam (Third party interested in email source)
> To: s_p_a_m__buster@hotmail.com (Notes)
> To: uce@ftc.gov (Notes)
>
>
> Re:http://www.stocktalkreport.com (Administrator of network hosting
website referenced in spam)

> www.stocktalkreport.com resolves to 209.197.228.33

That report is dated 20020315.

Another report (copied to NANAES in addition to formal report)
Dated 20020406.

http://groups.google.com/groups?selm=OE422vHJXjzsv23pQub0000a87b%40hotmail.com&output=gplain

Re:24.205.30.145 (Administrator of network where email originates)
To: postmaster@charterpipeline.net (Notes)
To: abuse@charterpipeline.net (Notes)
To: support@charterpipeline.net (Notes)

Re:http://www.stocktalkreport.com (Administrator of network hosting website
referenced in spam)
To: ipmanager@venturesonline.com (Notes): 209.197.228.33

VONOC (NETBLK-VONOC-2) VONOC-2 209.197.224.0 - 209.197.255.255
VONOC (NET-VONOC-02) VONOC-02 209.197.224.0 - 209.197.255.255


Re:http://www.stocktalkreport.com/talkingpoints.html (Administrator of
network hosting website referenced in spam)
To: ipmanager@venturesonline.com (Notes)

There are others, but I think you get the idea here. As I type this, the site is still up and operational, within the VO netblock, at exactly the same IP address.

VO does not have to reveal anything private about this site. It would be clear if they took action with regard to it, as the site would not resolve to any VO IP. No one needs to know anything else about it - only that the site was removed, and thus VO has perhaps removed one black mark from their name. If they allow things like this to continue (36 days and counting, right now), and other complaints appear regarding this site or others within the same space, the possibility increases that other mail admins will just lose patience and take the action they feel is necessary, since VO won't.

Originally posted by alchiba
I don't know, but to read elsmore1's post (and other sources) this whole spam/blackhole thing strikes me as quite arbitrary and bizarre. We seem to be at the mercy of geeks with attitudes who really have no accountability. The entire concept seems ad hoc and anarchic.

The modern Internet was born of a rather controlled anarchy, post-ARPA.

Most of the RBLs are not arbitrary at all. There are admins out there who feel that their fiefdoms should be so well protected that they will place blocks on providers based on strange rationale. Most, though, are simply human beings trying to do their jobs and deal with the ocean of spam that flows across the Internet every day. No other admin who runs a mail server is obligated to accept anyone else's mail. Servers are private property, and admins can set any rules they like. However, treating them as some providers (VO included) treat them is not the way to curry favour. Not addressing the flags that are raised right in front of your face is a very quick way to show others that you do not intend to be a good neighbour at all.

I do not know if you are a host, but if you are (or even if you are not, since I think you'll understand the relation) consider this: some hosts deny access to their ordering systems based on the referer of the visitor. Some hosts block out all of Indonesia, for example, because they see a high amount of fraud in orders placed from that region. Do you think that unfair? If you agree with their assessment, then why is it so hard to understand why other mail server admins would want to protect themselves from junk mail arriving at their servers from places that do not deal with their spam issues when notified?

it is quite clear however, geek, that the client *does* need to be aware of what's going on out there. i am satisfied with my host, but would not be surprised there is spamming going on in his network because i have had problems having emails delivered and he graciously does not answer my questions about why, even tough i provided the info that said "youre a spammer and here's why" to him.

therefore, i think it's just responsible to know these tips because i can't just abandon my host at 2pm on a tuesday--i need proof. and if i had all the info, i could approach my host (whom i really like) and say "hey, i know this is an issue and here's why" and he would have to address it rather than thinking it's from someone who does not know what he's talking about.

get it? in other words, i would really like to know the sources of knowledge when it comes to which hosts are supporting spam and what lists they are on and why. i would be armed iwth information, and probably be successful too.

GeeksRUs I just want to ask you a question, would you remove a customer account if they used a buggie formmail? I don't know if that was what it happened with that accounts, but could be.

bully: I see what you mean, certainly. I hope you don't think I was being condescending or somehow dismissive of what you asked. I think it's great when someone actually takes an interest in something that can be (for lack of a better word) tedious much of the time. A great place to start would be right at SPEWS (http://www.spews.org). There is a great deal of information there along with links off to other places. The news.admin.net-abuse.* newsgroups are good, but very high traffic. It's also easy to get lost in some of the things that go on there, like the current troll who acuses people of being fascists for blocking email. Apparently he doesn't know the real meaning of the term. :)

Jorge: no, I would not. There are a number of spam complaints due to insecure form to mail scripts that have VO's name by them. I did not include those as specific examples. The reason is this: most form to mail script abusers use those scripts to advertise sites other than the site where the script itself is hosted. That there are so many complaints specific to VO with regard to those indicates they were lax in setting up a policy regarding form to mail scripts that could be abused. They now have a policy in place. That policy does not seem (http://groups.google.com/groups?selm=003f01c1e7e9%240634e2d0%244c00a8c0%40GEEKAPUSS&output=gplain) to be working (http://spamcop.net/w3m?action=checkblock&ip=209.197.236.10) as well as it could. That might very well hurt them as much as the sites they host like stocktalkreport.com, where headers show not the output of some abused form to mail script, but a regular piece of email sent through a VO server by the end user. The examples I've cited thus far are not the result of form to mail script output.

If I were a host, I would not remove a client just because of an unsecured form to mail script. I would make it a policy not to allow the generic form to mail scripts such as the one Matt Wright wrote long ago, as even the newest versions are exploitable. I would also make it a policy to remove those scripts when found - most likely, I would just create a cron to run every so often to find and remove them automatically.

Originally posted by GeeksRUs
VO does not have to reveal anything private about this site. It would be clear if they took action with regard to it, as the site would not resolve to any VO IP. No one needs to know anything else about it - only that the site was removed, and thus VO has perhaps removed one black mark from their name.

I just meant that it was possible that there are mitigating circumstances that excuse these sites from the "apparent" spamming. More than likely VO isn't going to post something like, "Stocktalkreport had an employee that was trying to get them into trouble, after an indepth investigation, we found their claims to be true." Not that I think this happened. But if it did, they may not be allowed to say. I agree that this is unlikely, but that's what I was addressing with my last comment.

Thank you for filtering those newsgroup posts. I wasn't going to try. I would have contacted them at abuse or postmaster though, and not the address listed at ARIN.

If I would open a serious, 24/7, 100% uptime, professional hosting company I would hire GeekRUs.
This thread is like a resume! He shows extensive knowledge here.
But I'm dragging off topic.... shame on me :angry:

totally agree--he's like a dog with a piece of meat. i mean that in the best of ways--exactly someone i'd want on my side.:)

OK. I took a day to cool off. I have spent *hours* really digging into GeeksRUs's complaints, including weeding through those nauseously insolent self-righteous newsgroup threads.

:puke:

Thanks for the reminder why I do not hang out there, geez Louise these people need some Prozac. And we wonder why people go ballistic with machine guns in the workplace? :eek: *sigh* Anyway, giving them the benefit of the doubt, I decided to take a close look at the exact things that GeeksRUs is complaining about. This is what I found.

That policy does not seem to be working as well as it could.

This statement references this link (http://spamcop.net/w3m?action=checkblock&ip=209.197.236.10) which for the lazy (like me) contains this report:


Blocklist query for 209.197.236.10
[show] "nslookup 209.197.236.10" (getting name) no name
209.197.236.10 has no reverse DNS information.
209.197.236.10 is and should be blocked:40.62% spam report rate exceeds 2% threshold

Traffic analysis:
Metric Qty (Weighted) Most Recent Oldest
Total traffic: 32 Saturday, 20 April, 2002 07:32:52 AM -0500 Friday, 19 April, 2002 01:08:53 AM -0500
Reported: 13 Friday, 19 April, 2002 12:27:53 PM -0500 Sunday, 14 April, 2002 02:38:00 AM -0500
Relayed: None recorded
Relay Closed: None recorded
Traps: None recorded

Listing history:
listed: Monday, 01 April, 2002 01:36:01 AM -0500
delisted: Monday, 01 April, 2002 01:50:01 AM -0500
listed: Tuesday, 09 April, 2002 03:51:04 AM -0500
delisted: Tuesday, 09 April, 2002 09:38:01 PM -0500
listed: Wednesday, 10 April, 2002 06:38:01 PM -0500

Spam samples:

Reportid: 73940856 dated Friday, 19 April, 2002 11:04:05 AM -0500


Return-Path: <nobody@pluto.vosn.net>
Received: from spot.etherboy.com (spot.etherboy.com [216.158.54.130])
by sack.dreamhost.com (Postfix) with ESMTP id BB92B13E202
for <))@mypants.com>; Fri, 19 Apr 2002 09:04:15 -0700 (PDT)
Received: from spot.etherboy.com (mailman@localhost)
by spot.etherboy.com (8.12.1/8.12.1) with SMTP id g3JG4Atk013797
for <x>; Fri, 19 Apr 2002 12:04:11 -0400
Received: from UNKNOWN(209.197.236.10), claiming to be "pluto.vosn.net"
via SMTP by spot.etherboy.com, id smtpdpnXyyi; Fri Apr 19 12:04:05 2002
Received: from nobody by pluto.vosn.net with local (Exim 3.35 #1)
id 16yary-0000vF-00
for x; Fri, 19 Apr 2002 12:04:18 -0400
To: x
From: tiffylestily6210@mail-box.com ()
Subject: hey (its Tiff)
Message-Id: <E16yary-0000vF-00@pluto.vosn.net>
Date: Fri, 19 Apr 2002 12:04:18 -0400
X-AntiAbuse: This header was added to track abuse, please include it with
any abuse report
X-AntiAbuse: Primary Hostname - pluto.vosn.net
X-AntiAbuse: Original Domain - cluestick.org
X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [99 99]
X-AntiAbuse: Sender Address Domain - pluto.vosn.net
X-DCC-MAPS-Metrics: spot.etherboy.com 668; Body=0 Fuz1=0
X-DCC-Etherboy-Metrics: spot.etherboy.com 1002; Body=1 Fuz1=1
X-RHSBL.abuse.rfc-ignorant.org: YES
X-RHSBL.whois.rfc-ignorant.org: YES
X-Virus-Scanned: by amavisd-milter (http://amavis.org/)
X-SpamBouncer: 1.4 (8/24/01)
X-SBNote: From Admin
X-SBRule: Pattern Match (HTML) (Score: 1700)
X-SBClass: Blocked


Reportid: 69754870 dated Sunday, 31 March, 2002 01:49:07 AM -0500


X-Apparently-To: x via web10105; 30 Mar 2002 22:49:08 -0800 (PST)
X-Track: 0: 100
Return-Path: <nobody@pluto.vosn.net>
Received: from 209.197.236.10 (EHLO pluto.vosn.net) (209.197.236.10)
by mta463.mail.yahoo.com with SMTP; 30 Mar 2002 22:49:07 -0800 (PST)
Received: from nobody by pluto.vosn.net with local (Exim 3.34 #1)
id 16rVDk-0002d4-00; Sat, 30 Mar 2002 21:37:28 -0500
To: x,x,x,x,x,x,x,x,x,x,x,x,x,x,x,x,x,x,x,x, x
From: ctannbflzjzl7365@aol.com ()
Subject: Customer #74236393 Free Porn Subscription 74236393fjeuzzyamptipo
Date: Sat, 30 Mar 2002 21:37:28 -0500
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - pluto.vosn.net
X-AntiAbuse: Original Domain - yahoo.com
X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [0 0]
X-AntiAbuse: Sender Address Domain - pluto.vosn.net
Content-Length: 649

The problem e-mail was sent via a "nobody" process at pluto.vosn.net, which is also incidentally what FormMail runs on. There is no valid POP account/address at pluto.vosn.net that sent this mail... this was a FormMail exploit.

Furthermore, if we visit the advertised site, http://nesarchive.com/users/tiff we get the most interesting message: "Account disabled due to abuse." This site's webhost is Logical Web Hosting, with rDNS of http://divide0.net that resolves to IP 63.169.206.66.

The abusive site, http://nesarchive.com, has an IP of 63.169.206.66 which is incidentally a shared IP with the main host, http://divide0.net. So not only has nesarchive.com gotten themselves in trouble, but they've dragged their host's IP into the foray. Slick.

And just in case you're wondering, no, divide0.net is not hosted on the VO network:


Administrative Contact:
Divide Zero Networks
none none
21960 McClellan Road
none
Cupertino, CA 95014
US
6106904674
general@divide0.net

Technical Contact:
Divide Zero Networks
none none
21960 McClellan Road
none
Cupertino, CA 95014
US
6106904674
general@divide0.net

Billing Contact
Divide Zero Networks
none none
21960 McClellan Road
none
Cupertino, CA 95014
US
6106904674
general@divide0.net

Registrar..: gkg.net (http://register.gkg.net/)
Domain Name: DIVIDE0.NET

Domain servers in listed order:

NS.DIVIDE0.NET 63.169.206.67
NS2.DIVIDE0.NET 63.169.206.68


Now let's look into the pluto.vosn.net end of things.

One, I have no idea who this person is. Pluto is not a shared server at VO, therefore it's a dedicated and as such, is completely managed by a client, not VO themselves. VO supplies the hardware and the connection... how a client chooses to screw up is (sadly) their own doing (although VO most certainly can & does notify dedicated clients of problems & complaints received). The default form-to-mail solution provided by VO is not being exploited, this is a third-party script installed by the server administrator, that's being exploited. So please understand that VO is not handing out bad scripts like candy to small children. :(

In fairness to VO, as old/exploitable versions of FormMail are being found, they are being disabled by VO technicians, and notice being sent to the affected domains/resellers/administrators so that the sites are brought into compliance with the policy stated at http://voinfo.net. If you need proof, I would ask the clients who've had their scripts disabled ;) because naturally VO's privacy policy forbids posting such information on a public forum (as I am sure you would expect your privacy to be honored too, regardless of whether you screwed up or not). I personally know of a couple of such clients through my ramblings (in talking to the clients), but I am not so presumptious as to plaster their names here. I just don't think it's appropriate.

For this particular example, which was nothing more on Geeks' part than a simple Google search :( it appears to have been addressed in <24 hours. The offending spammer has been yanked offline, at least for now.

As for the status of pluto.vosn.net, you'd have to ask that server owner why the heck he/she is running an old version of FormMail, but please rest assured this was a separate install on his/her part. I cannot say whether or not the administrator of pluto.vosn.net is aware of this problem, but I am sure they'd be happy to circumvent any fines by VO (which I see they have now implemented... neat-o) by pulling that script off their box. Whether it applies to this particular instance, it *does* appear that VO is disabling old versions of this script, but understandably with hundreds of servers, I would not expect the process to be an overnight thing. :\

Again, I have no problem calling the kettle black, but I also believe in being fair.


</DCSN>

Anybody try http://stocktalkreport.com lately?

Sometimes it's not what you say, it's how you say it. All the ranting and raving and lunacy (e.g., this thread) was ignored. A single properly-placed message courteously and intelligently citing the evidence did the trick.

*curtsy*



</DCSN>

ummm, my guess is that a nice note to VO did not work in the first place, therefore the creation of this thread. the reason that site is now offline is because of this thread.

hate to say it, but this thread is INCREDIBLY bad publicity for VO, and while paul or whomever at VO are claiming to ignore it, you'd better believe this thread kick-started some serious changes there and they are reading it closely.

i *almost* moved all my sites over there a few months back, but did not. if i was looking now, i wouldn't even touch VO, and i am quite certain VO knows that anyone doing a search on here for VO is going to come to the same conclusion unless they address the *original* point of this thread--that they left spammers on their servers.

a simple good PR move to address the potential loss of business would be to address the original issues here instead of vicious defense and changing topics or playing semantics (or relying on the name-calling by their defenders which looks pretty silly). how they handle that is their choice, but if i were them i'd be on here posting the results and at least giving some credit to geeksrus for pointing out some verifiable mistakes. of course VO deserves a chance to address the situation, but pretending to ignore it in hopes it will go away is not gonna solve anything. that's just basic crisis management 101.

Can you tell I was up most of the night working throoouuuugh each of these issues, trying to understand them and lay them out? By heavens, if I need to be complaining to someone, I will. So please tell me where my complaints belong here:

Originally posted by GeeksRUs

Thread at the VO forums, which has been edited. I can only guess that one of the edits in this thread is a removal of the link to this thread one at WHT. The other might be a list of IPs that are blocked, based on responses from Paul and Bailey.

http://www.venturesonline.com/forum...p?threadid=3481

In a nutshell, a user on zerowing.vosn.net is finding their mail blocked at Freeserve, a UK-based ISP. Both Paul and Bailey tell lthe user that Freeserve's list is outdated; Bailey says the answer is to get Freeserve to update their lists.



My notes on this situation:

(1) VO Forum Moderation & Editing
The VO forums are moderated and edited. It says this in the rules, which incidentally, all forum subscribers are told about, up front, and agree to at the time of signing up. GeeksRUs agreed to this too, when he signed up. Always been that way. Users who aren't comfortable with that, perhaps should not click that button labeled "Agree."

:confused:

Please "search" here in WHT and you'll find the general concensus is that a person's/company's forums is their proprietary property, and they have the right to make and enforce the rules there. Nobody said you have to like the rules. If you run your own forum on your own site, you can make your own rules too. It's the sandbox concept: if you diss me in my own sandbox, I'm going to edit you. If I dissed you in your sandbox, most likely you'd edit me too. That's why there are third-party forums like WHT which, incidentally, are also moderated and regularly edited according to a set of rules.


(2) Mail is not being blocked as GeeksRUs states above.
GeeksRUs states, "In a nutshell, a user on zerowing.vosn.net is finding their mail blocked at Freeserve, a UK-based ISP." This is not true. The person's mail is not being blocked at all, in fact, is delivering fine. The problem is, the standard X-Anti-Abuse headers generated by Exim are for some reason being pasted into the actual message of a Freeserve client's e-mail welcome:

I am finding that on some ISPs, the headers are being included with the email, yet on others they are not, here is what one test showed. I can not seem to prevent some ISPs showing the email headers as below:

Any idea?

<snip>

Message-Id: <E16xx5z-00035V-00@zerowing.vosn.net>
Date: Wed, 17 Apr 2002 15:36:07 -0600
X-AntiAbuse: This header was added to track abuse, please include it with
any abuse report
X-AntiAbuse: Primary Hostname - zerowing.vosn.net
X-AntiAbuse: Original Domain - name.freeserve.co.uk
X-AntiAbuse: Originator/Caller UID/GID - [99 99] / [99 99]
X-AntiAbuse: Sender Address Domain - zerowing.vosn.net

Hello Lynn
Thank you for your order for the VWH-100 web hosting plan... etc. etc.

The party continues to make the assumption that "now anyone who signs up or receives an email from me or anyone else on a server connected to vosn.net such as zerowing.vosn.net seems like many ISPs, Freeserve being the Uks largest will mash the email because of SPAMMERS."

This is directly refuted by another Freeserve client on another server connected to the vosn.net network, gamble.vosn.net: "I use Freeserve and do not get headers in the actual email body when I receive mail from gamble.vosn.net." ... and in another reply "my post was really just to say that it did not happen from all vosn.net servers as stated."

Now...... since vosn.net does not appear to be the wildcard here, let's look at the server itself, zerowing.vosn.net, thinking perhaps the server is being singled out on its own merits:

http://www.samspade.org/t/rbl?a=zerowing.vosn.net&r=on
Now for the lazy, myself included, this is what the report says:


SamSpade DNSBLomatic


Check
Resolve reverse DNS

zerowing.vosn.net resolves to 209.197.232.11


Checking VISI.com Relay Stop List (RSL), Osirus Relays List (OSIRUS), Dorkslayers ORBS-clone (DORKS), Dorkslayers Zero Tolerance List (DORKZTL), Open Relay Database (ORDB), Arbitrary Blackhole List (ABL), DevNull (DEVNULL), Five Ten (FIVETEN), ORBZ Inputs (ORBZIN), ORBZ Outputs (ORBZOUT), SpamCop Blacklist (SPAMCOP), Intersil (INTERSIL), Compunet (COMPU), FloNetworks List (FLOWGO), Summit Blocking List (SBL), Spam Prevention Early Warning System (SPEWS), Blitzed Open Proxy Monitor (BOPM), Spamhaus Block List (SBL),

209.197.232.11 (secure12.vosn.net) not listed

The following lists block access via this tester, so you may be listed there

Realtime Blackhole List (RBL) Check via list website: 209.197.232.11
Dialup User List (DUL) Check via list website: 209.197.232.11
Relay Spam Stopper (RSS) Check via list website: 209.197.232.11
RBL+ (RBL+) Check via list website: 209.197.232.11


So in fairness, let's check the ones that are blocked by SamSpade:
Realtime Blackhole List (RBL), Dialup User List (DUL), Relay Spam Stopper (RSS), RBL+: "The IP address 209.197.232.11 does not appear on the MAPS RBL." Source: http://mail-abuse.org/cgi-bin/lookup?209.197.232.11

hrmmmmmmmm. Alright, I'm still being fair. I want this server to be blocked somewhere, to account for why Freeserve is sticking headers in zerowing but not gamble.

Let's try Google. That is the search engine of the day. ;) zerowing.vosn.net... searching... nothing found in Web... one listing in Groups, under alt.php.* where the client appears to have requested help and then decided it was a spam issue, so everyone stopped helping him. :(


Conclusion:
My concern rests here. GeeksRUs was so quick to very inaccurately cite an issue from VO's forums that very clearly is not a spam issue, and yet he insists that it is, obviously without doing one iota of the research he's so famous for.

I have no problem with showing somebody where they have messed up. Please, if zerowing is having spam problems, show me where. :( I can't find it. Gamble isn't experiencing these issues with Freeserve, but the Gample client is running scripts in perl, not php.

The wildcard in this situation seems to be the coding the party is using, not the server (at least not the server in terms of "spam"). The headers are clean with perl. Maybe Freeserve tags php content. ??? Anyone else flush php through Freeserve, that could share their experience?

If I am misunderstanding this particular issue, could someone please show me? I mean no disrespect to the VO client who is encountering these difficulties, I think it's only fair to him that we get to the bottom of the issue (as it could potentially be happening to other people on that server, too)... but I do think it was very unfortunate and improper of GeeksRUs to use this poor fellow as a posterchild just to prove his point... when it appears to not even be related.

:(

Call the kettle black, but do be fair.


</DCSN>

ummm, my guess is that a nice note to VO did not work in the first place, therefore the creation of this thread.

No offense to you, bully28, ;) but the guess is incorrect. It's a well-documented scenario (by the thread starter, review his first post) that this thread was started because posts which were considered inflammatory were removed by a proprietary forum's administrators. I read those first posts, they were not "a nice note." Even the WHT Moderator Chicken is pretty much in agreement on that point. :eek: We're all on the same page, where that goes.


the reason that site is now offline is because of this thread.

Indirectly, yes. It was mentioned to the appropriate folks at VO, through the appropriate channels, in an appropriate and courteous manner that this particular complaint warranted investigation, and could they please look into it?

I may be old enough to be many WHT-posting hosts' mother (see http://www.webhostingtalk.com/showthread.php?s=&threadid=42855&perpage=15&highlight=teen%20host&pagenumber=4) ... but in this case, mother's advice is right on target: "It's not what you say, it's how you say it." Simple advice, works in practice.


*curtsy*

</DCSN>

likewise, i mean no disrespect to you, but i think the truth is there--those sites were definitely living on their space and had been for a while. just out of interest, i checked myself, and i don't care. (maybe because it's crappy weather outside and i'm sitting here, but i took an interest)

i don't think any of his posts were necessarily inflammatory, but i think it's a matter of whom do you believe. VO could tell you that this person never contacted them, but i'm inclined to believe he did. and while i think it's great you asked VO to check into it, WHY was it not addressed earlier?

we may never know, and i frankly don't really think i care to know.

But i know what i read: and VO definitely danced around the issue from the beginning of this thread, instead taking issue with the 'liar' comment and the aol rDNS issue. but the other issue remained strangely unaddressed throughout the *entire* thread by anyone.

until you noted that one of those offending sites had been turned off. i'm really inclined to believe paul or whomever decided maybe it WAS time to take action. and it was clear that they had ignored it, for whatever reasons (too busy, mistakes, or not willing to remove paying customers), until now.

so whether your courteous note gets the credit or the loud smack they got in this thread helped address the issue, we'll never know. but a thinking man knows that the squeaky wheels get the grease.

finally, chicken knows that this thread, outside of the 'liar' comment (which i think may have been a little harsh), is FAIR. plain and simple. people don't like to see their friends or hosts attacked, but they looked pretty dumb making extremely personal attacks on the accuser, in the end looking no better.

chicken may agree with yoiu in private, but this thread remains because it's relevant, it's not unfounded in its accusations, and it's helpful for laymen like me to know when some of the issues that affected geeksrus affect me and my business. i now know where to look.

and that, my friend, is why i'm all for this thread. sorry, VO, you messed up.

bully> No one is saying the kettle isn't black... :rolleyes:

This is really not a change in behavior... generally speaking, I am of the impression that VO does not comment about client issues in public third-party forums. All the information they have shared is posted for everyone to see throughout their website, and they address individual client's concerns personally. They generally don't participate in the arbitrary higher court of WHT fiefdom. Quite frankly, if I were in VO's shoes, I wouldn't respond here either.

:(

I felt that Paul was responding to defend his personal integrity, and I see no problem with that.

*shrug*

And naturally, contrary to the incessant crossing of lines and posting of decidedly personal information, I do respect the privacy of those involved and so will not post "proof" of what did or did not incite the action against particular accouts. However, I do know the timing, the parties and the content... Go ahead, believe what you want. *shrug* In this case it was a VO client who simply wished the integrity of the network she uses to be honored. A rational, courteous request garnered the attention that a brash, name-calling maelstrom could not. VO is responsive to their clients, but you have to give them a chance.

We're entitled to our own opinions, bully. You will not change mine, and I will not change yours. I am okay with that. Are you?

;) </DCSN>

i don't know about you, but i own a business. and if my business is being judged in a public forum, in a public forum i will address it. that's why they call it PUBLIC relations. it does not exist behind their doors. personal integrity is important, but i don't know paul. i don't care if he picks his nose in public. but i have a need for a service his company offers.

like i said, it's bad PR because people come here to find out who to host with. and invariably everyone says "do a search on them!". well, you get the picture. that's why moderators shut down attacks on hosts that are baseless. but this was not baseless. it was supported with plenty of evidence. funny, though that the personal attacks on the accuser were left on the thread... i'm not claiming bias here, but i smell it.

i'm okay with you not changing my opinion. but you need to change yours, okay? :)

(*that was a joke*)

Yes bully, I do own a business. Aside from my hosting business, I also host a website that dovetails my bricks-and-mortar business. That particular website has done equivalent sales in the past 12 months, that would equal the value of a particular [edit: domestic] car that starts with a "J." That's just the web end of things, which only accounts for about 20% of annual gross income.

I run that business, I built it with my own hands from the ground-up. I know all about PR. And when we had our own PR screw up, we didn't come out with banners and public to-do's. We personally addressed each customer who had been wronged (and rectified each wrong-doing), and personally addressed each outside inquiry about it. There were no big announcements, there was no banner-waving. After a week, not only did nobody care, but all was forgiven because we handled the issue maturely and professionally.

In this example, it follows that everyone likely will not see a banner-waving from VO. They are addressing these issues personally with their clients, and so you won't see an expose about here at the WHT Court.

I use Paul's services, and in my experiences (which are just as valid as any other customer's experiences, including Geek's), they are working very nicely.

Now, as for opinions, pay up, buddy, and we'll talk. ;) LOL hehe

</DCSN>

a jeep? because since jaguar is owned by ford in detroit and jeep is owned by daimer-chryser out of germany for all practical purposes... :)

i wasn't boasting about the fact that i own a biz.... just pointing out. in fact, my biz is not web hosting at all (and i have to go figure out which lot of cars it's annual income relates to--leather, no leather, etc). i just use the services. but congrats on yours, more power to ya.

but let me ask you this: your company flubs something big time and your detractors back it up with substantial evidence. what do you do? ignore it? you shouldn't. it's basic PR, and every company has a need for it, whether it's just in the form of chatting in a thread or issuing press releases. i may be new to the former, but the latter you could say is part of my bread and butter. large companies realize that the public will make sometimes irrational decisions, and you must constantly gauge how they perceive you in that space if in fact you want to grow.

you can't tell me with a straight face that this thread is not harmful to Ventures Online--look at some of the threads saying they'd never host their site there now. that would be money in the bank, now gone.

VO in this case made the changes. enough said. but it was all quite unnecessary, and now is their oppty. to say 'hey, we've addressed all spam issues, why don't you come back and check and see for yourself'. but they don't. this is a critical mistake, because they are being judged in the marketplace by NEW CUSTOMERS. they can't go each one and beg forgiveness. we judge with our wallet. paul has no idea who i am, but he could address me and others who may have lots of money to throw his way in order to at least address the issue.

additionally, i would compare how they are reacting to, say, alwayswebhosting. ronnie is constantly monitoring his forums because he knows the value of good PR. you can't post something online about his services without a reaction from him. and a friendly one, at that.

it is, in fact, one reason i'm a customer of his. i sought out opinions, and there ya have it.

Seeing as your dying for a post from someone @ VO I'll post.

But lets get one thing clear, I am an owner but currently not an active participant in the company, and have not been for the past two months, so while I cannot post directly to the current issues I will clarify a few things as well as explain why no one else from the company has posted here.


First, while I did not read Geeks original postings on the VO forums I have dealt with customers and people complaining about spam before. I will tell you right off the bat, a simple "Hi, it appears site xxxxx.com is on your network and its sending out a lot of spam, here's a copy of the email sent with the headers, please take care of this user". That’s all it takes to get rid of a spammer, whereas with a long flamboyant flaming message, will most likely get ignored no matter the outcome, its common since, you yell at me I ignore you, you talk nice to me and I’ll listen. I don't care who you are, but no one wants to hear someone else yelling at you for something you may very well have not known about, much less something that they don't know all the facts on.

When I was the acting CTO there we handled the spam complaints, and we got a lot of them, all it takes is one spammer to send out a few million emails to get flooded with thousands of complaints, where-as if another spammer sends a few hundred or a few thousand emails out and only a few complaints come in, it is entirely possible for that to get missed, but thats also considering we were in the midst of a move and a renumbering during that time, it should be settling down by now and things getting back to normal.

Now, as far as no one replying to this thread I will tell you why. It degraded and degraded fast, you've got everyone and their brother posting in this, some throwing around facts, others throwing around accusations and other companies sticking their feet into the posts just to get a little PR and make a competitor look bad. So the fact is that this thread has no purpose, its only purpose was to attempt to damage VO rather than get a problem fixed, if Geek really wanted the issue resolved he would have gone about it in a calm and approiate way.

Some of you may not agree with this but this is what I've done on other occasions, as far as Paul’s posts and AOL and the r-dns etc, I cannot speak for that, I have heard from a few other hosts regarding that AOL issue, so while I do believe it exists in some form or fashion I didn't take the time to dig into it to explain it. You have to remember, Paul is a salesman, not a tech guy, so he explains the issues as best as possible. I'm sure he could have been more accurate in his description, but nonetheless the problem was resolved, so that part is truly a dead issue.

Anyhow, as I said I’m only an owner not an active participant in the company at the moment due to me retiring. But I can guarantee that VO does not like nor accept spammers, but they happen, hell, **** happens, and all we can do is our best to correct it, however, yelling or throwing accusations usually gets you no where fast.

your company flubs something big time and your detractors back it up with substantial evidence. what do you do? ignore it? you shouldn't.

We didn't ignore it. :confused: I said that already. We addressed each customer's situation with them personally, and I personally addressed each inquiry from the outside as they came in. But I didn't take out an ad in the WSJ, or even the local paper, because it was inappropriate. We took the high road, we assisted our customers, and the "outside" inquiries, one-on-one just as VO does today.

Maybe that's not how you do things, and maybe you don't subscribe to that M.O., and that's fine. That's why every industry thrives on the premise of "competition," and why competition even exists. There is nothing wrong, not even unhealthy, about this. This is the stuff that makes cash flow, here, there, worldwide. Were it not for competition, your host would not be in business. ;) Nor would I, in any industry.

And I am still waiting for you to pay up.

;)

</DCSN>



P.S. Thanks for tutoring me on cars, hey, I'm a girl. ;) All I know is I love my SUV, honestly I don't pay much attention to those shiny racy-like fancy cars, as you can tell... LOL

daniel, it seems that yelling did get people somewhere, because at the beginning of this thread, the accusations were verifiable. now the situation has been resolved. not that i'm endorsing it, i certainly understand the benefit of the velvet glove (and have had it used upon myself several times--this is not a post about my personal life, btw ;) ), but it seems that the smart folks at VO did something about it. and it was the right thing to do.

i'm not dying to hear from anyone--i'm just tellin it like it is. you lose biz when people see your current customers aren't happy. and like i said, people act irrationally, fair or unfair, it's the customer's right. in geek's case, he pretty much laid it down hard and cold, and whether or not it was the best approach, the facts remained there. so it behooves anyone to respond. and here you are ;)

dcsn, you miss my point. you know full well that i'm talking about posting here, not the wsj... that would not be appropriate. PR can be done at a cocktail party, on an elevator, in a forum, or on national television. i don't know what your product is, but i suspect you'd react where your potential customers would see it. and i already said it, but i'll say it again--you can't communicate personally with non-customers.... but your POTENTIAL ones are reading the threads that you may choose to ignore, at your own peril.

basic biz rules apply to any biz, period. i don't care who you are, nobody is above the costs of an unhappy customer or a doubtful potential one. mind you, i am not trying to question your skills or your business at all--so don't take offense. just speaking in the general sense. don't come after me with your SUV!





:stickout

Hi bully,

Really and truly, I do understand your point. Please don't get lost in my illustrations, I too am trying to make a point. ;) Not all PR issues require a public posting so all may scratch & sniff the dirty laundry. Just because I don't do public scratch & sniff, doesn't mean I don't do PR. ??? Some great stretches are being made here. Please go back and slowly re-read what I am saying. PR comes in many forms and not all of them involve posting here or in its industry equivalent.

I call it grace, finesse, maturity, professionalism. You call it ignoring, from what I gather from your posts. That's fine. You don't like my way of doing it, and I am cool with that. Just understand that regardless of industry, not every business is going to do things the way any particular customer/individual wants them to.

...this is all just a general point to ponder... and my comments address mostly bricks-and-mortar, and as a side-note the hosting industry. In the end the same Biz 101 fits us all, but I draw these observations from my bricks-and-mortar experience.

;)

Bottom line, you didn't pay up, so I refuse to agree with you on any point actually. :D And if I wake up tomorrow with a flat tire on my SUV, I know where to point fingers!!! LOL j/k


</DCSN>

I have to say this is one of the more interesting threads that has ever come about. Just a couple of comments from our perspective.

Geeks asked a question that so far, no one else has answered. How long does it take to terminate a spammer? For us, not long at all. We take a very hard line against spam and spammers, and sites are removed on first receipt of a spam complaint. This is generally done within just a few minutes of receipt, and always within the hour. From time to time we catch spammers as they are actually working, and nuke them. It's always nice to be able to respond to spam complaints with a note that the site has already been removed. This also applies to resold sites or sites on the servers of our dedicated clients. Our resellers can tell you that we have removed resold sites just as quickly as regular sites for spamming violations. We keep a list of known spammers and have been known to nuke accounts set up by resellers just minutes after setup if the account matches one of the domains on our known spammer list.

DCSNetwork, I think the post about the formmail exploit that you responded to was exactly what Geeks was saying. VO has a policy against them, and so do we. To me (and this is just my opinion), if any machine name references us, then it is our duty to make sure that those machines are clear of items that can be explited for the purpose of spamming. We require certain terms from our resellers and dedicated clients, and honestly I don't view this any differently.

Now, with all deference to Paul and Daniel, and as much as I hate to say it, it does seem that VO took a very long time to act in some of these cases. It also seems that no action would have been taken had it not blown up into this very long thread. This stocktalkreport site for example, is now down I see. That's a good thing. I looked at the links posted and saw the complaints that were copied to VO. None of them are nasty. One even says please. Others are just standard complaints, without additional text. I'm curious to know from Daniel if that isn't considered a nice request, and how you balance that with a response posted by someone who sent an email asking some questions that contained a pretty harsh reply from you - at least as harsh as some people have said the posts by Geeks are. Or the responses from other VO folks in various threads that seem to be fighting with the people who might be able to help. A word of friendly advice: fighting with people in the net-abuse groups is never a good idea, because it just makes them look even more closely at you. One person in a discussion of the SPEWS listing for 209.197.236.0/25 in nanae even says something about that.

"You know, I have gotten quite some pyramid spam from icu.vosn.net
([157.238.46.85]), I already list that verio netblock. Drawing my
attention to another netblock and the spammers you host there wasn't
smart.

For example, I notice that spews could add ns2.wasatchhosting.com
(209.197.246.166) to S1162."

I'm also curious to know from Daniel how the moves that VO did in January affected the removal (in April) of a site reported for spamming (in March). This isn't to pick a fight, I'm just curious.

One thing I do take issue with in everything I've seen so far: I do not agree that using "we have x machines" is a valid excuse, and for that I will not defer to VO or anyone else. I've seen that statement posted by several VO people (since they are the ones under discussion). As a token of professional advice, I would recommend not using that line in any discussion about anything business-related in this industry. The antispammers won't care, and to others it gives the impression that you might not have enough staffing to provide adequate monitoring over the servers you maintain. I know VO has a number of employees, but other people who are casually surfing around might not.

Wow, that turned out longer than I expected. I don't expect to reach the lengthiness of Tim or Geeks (who's making a run at Tim for longest typer) though. :)

While reviewing Annette's response, I noticed in all my Google searches that the spam sent from "nobody@icu.vosn.net" dates from late December and early January. There doesn't seem to be any in the months since then.

Anyway it would appear that those accounts, if they were on that server, are gone. The reason I say "if" is because every mail was a nobody process, which might look much like an exploited formmail, not an actual user. :\

Out of curiosity I did try VisualRouting each and every domain attached to the complaints, but not one traced to VO, nor the server Annette quoted.

If these were on VO servers, the findings at Google would suggest they are long gone.

:confused:

Not saying there's not a problem, just that it's old data.

</DCSN>

[edited to correct my basic misunderstanding... I thought a script installed on an account would run under the usr account, not under "nobody." :blush: Again sorry for the mistake]

To concur with GeeksRU's previous statement, I just came across this at http://www.monkeys.com/anti-spam/ ... etc.

More information about the dangers of having an unsecured FormMail CGI script installed on your web site may be found in the following security alerts:

* http://securitytracker.com/alerts/2001/Mar/1001108.html

* http://www.nwfusion.com/newsletters/bug/2001/00556960.html

* http://www.info-sec.com/internet/01/internet_032701b_j.shtml


NOTE! Do not trust even the latest 1.9 version of Matt Wright's FormMail script! It has recently been discovered that even the latest (1.9) version of this script can be easily hijacked by outside spammers. Matt Wright's FormMail 1.9 script is also vulnerable to what are called cross-site scripting attacks. (We have published a lengthy security advisory about the many FormMail 1.9 security problems that allow this script to be hijacked by outside spammers.)

Because even the latest version of FormMail being distributed by Matt Wright is riddled with security flaws, we are encouraging all users to completely remove all copies of this script from all web servers immediately. (For the benefit of those who cannot easily remove this script from an existing web site infrastructure, we are now distributing our own free replacement version of FormMail 1.9 which we believe corrects all of the remote hijacking vulnerabilities, as well as the cross-site scripting vulnerabilities.

Once you have read the various FormMail-related security bulletins whose links are given above, then please go and remove all installed copies of the dangerous FormMail CGI script from your web site or, if you are an end-user, ask your ISP or your local server administrator to do so.

Direct link to the 20-page Security Advisory, .pdf format:
http://www.monkeys.com/anti-spam/formmail-advisory.pdf

Monkeys.com does offer a free replacement script that they "believe corrects all of the remote hijacking vulnerabilities, as well as the cross-site scripting vulnerabilities" ... now I don't know these guys, but then again, I don't know Matt of Matt's FormMail either. So use this information at your own risk. I cannot vouch for the players in the game, this is just what's out there for review.

Link to get free FormMail 1.9 replacement:
ftp://ftp.monkeys.com/pub/formmail/1.9s/


Just FYI for anyone interested.

</DCSN>

Anyway it would appear that those accounts, if they were on that server, are gone. The reason I say "if" is because every mail was a nobody process, which really looks much like an exploited formmail, not an actual user. :\

I've seen this attempt to blame it on Formmail enough that I can't refrain from answering....

mail shown as coming from "nobody" is evidence that the spam is being generated or piped through a script, sure enough. So what? It doesn't have to be formmail, as any script will do, including scripts generating the email right there on the server, or formail being used to relay mail. That has got nothing to do with anything. Do you think spammers are more likely to use a script to generate thousands of messages, or would they prefer, as it seems is being suggested, to type in each individual spam message by hand? Of course, the answer is that spam will most often be generated by a script, which, when sent from that server, will show that it was received by the server from "nobody", or whatever username the mailserver is being run under.

If you want to assume that the mail is being relayed through a formmail script on the server without the site owners knowlege or consent, it doesn't make the picture any brighter. First off, without more information, the assumtion is a tenuous one at best. Secondly, it is still inexcusable. Sure, I would not remove an account for an isolated incident of a script being used by unauthorized persons to relay mail (formmail is not the only guilty script), but... I would durn sure take steps to see that it didn't happen again with that same account, with warnings (and help) to see to it that the account owner understood what had happened, how to prevent it from happening again, and a clear explanation of the consequences it it should continue to happen.

As an administrator of networks on both sides of the issue, I get to deal with handling spam coming in to "my" networks, and spam leaving my networks. When confronted with thousands of spams coming in to my network from a server left insecure with a vulnerable mail-relaying script, what I want to hear from the administrator of the network sending me the spam is "I'm sorry, here is what happened, and here is what is being done to see that it doesn't happen again." I don't want that administrator to tell me that "It wasn't our fault, some meanie used a script on our network without our consent" or... "I hate spam, but I'm really unable to keep scripts and or users on my network from sending you spam". I don't really care how, when or why the spam came from your network into mine, I don't want to have to deal with it. I've got other things that I would rather be doing. I understand that it will happen to all of us from time to time, so it's OK that it happened this time, but please don't give me excuses, just fix it. Soon. If you don't know how to fix it, find out, or hire somebody that does know how. If you don't have enough staff to keep up with the amount of work you have to do, hire some more. Don't tell me about your problems and expect me to be any happier about the fact that your network is flooding mine with un-wanted email, or that I spent valuable time handling problems caused by your network. If the "owner" of the script was an unsuspecting bystander to the incident, and stood to gain nothing from the spam, I have no desire to see them further hurt by having their account canceled, all I want is for them (or their network administrator) to see to it that their script(s) no longer send me spam that I have to deal with.

On the other side of the coin, I have users on my networks, and some of them have (and will) upload scripts into their account space that will be used by unauthorized third parties to relay mail from servers under my control. When it has happened in the past, steps were taken (sometimes within minutes, and several times before the spamming started) to shut down the offending script. When spam complaints were received, a short explanation of what happened, and the assurance that steps had been taken to prevent it from happening again were all that were necessary to satisfy the complainant. I did not have to remove or suspend the users accounts to make anybody happy, because all involved understood that it was not an intentional act by the user, the user did not profit from it, and the user sincerely regretted that it had happened to start with, and really did not want it to happen again. (I have good users, cuz I am picky. :) ) Now if a user on one of my machines refuses to take my advice or to take steps to prevent it from happening again, I'll wave good-bye to them on their way out the door.

So, what I am really trying to say is, cut the excuses. Don't tell me why you allowed spam, why you can't stop it, or why it isn't your fault. Tell me what you are doing to prevent it. If you do, I'll be happy, at least until it becomes apparent that you have not yet nor are you likely to prevent it as you said you were attempting. If all I get is excuses and/or beating around the bush, I'll take steps to keep your network from adversely affecting my network. After all, my first responsibility is to customers of my network, not yours. :)

note: The pronouns used in this message are not intended to reference any specific individual or company. All are used generically, with the intent of illustrating a point. I have no problems with any person, company or other entity discussed in this thread to this point, (although I may or may not agree with the views those persons, companies or other entities have expressed to this point in the thread.) --edited to correct typo's and to add this disclaimer.

<Edit: I'm tired, and no amount of repeating what's already been said is going to make any difference. I am going to bed. My apologies... Never mind.> :blush:

:sleeping: :sleeping: :sleeping: :sleeping: :sleeping: :sleeping: :sleeping: :sleeping:

.....................................................................................................................................
......................................................................................................................................
.....................................................................................................................................
..................................................................................................................................

From our side of the fence, in relation to formmail scripts, most of the spam relays through them are done without the site owner's knowledge. Spammers that set up shop on an account usually bring their own scripts since the formmail exploit can only take so many addresses at a time. It is amusing to watch the logs when we find and disable a script that is being used in that way and see how long it takes the spammer to figure out they're getting 404s. :)

DCSNetwork, the thing about formmail scripts is that they are abused by spammers who find them and are generally used to spam for sites unrelated to the site where the script is actually located. That's why when you try tracing to a domain mentioned in a formmail-generated spam, it rarely belongs to the network where the spam itself originated. I would be very surprised if you found *any* formmail spam that pointed directly to the server it came through. After all, if they had access to the site in question, why not just send bulk mail that way using a script that can send out thousands of messages at a time instead of one that can only send out a handful?

For the rest, I agree with elsmore. People are not interested in excuses. They are interested in action. If they weren't, they wouldn't make the spam complaint in the first place.

For the rest of this thread, the only thing I have to say is this: Geeks, while strident, has some points. Knocking off spammers one by one when they're posted in a place like this is not going to make the problem go away. This thread does not cover some of the deeper issues I discovered while poking around. VO really should try to avail themselves of Geek's services or I'll be happy to lend what assistance I can. Either way, more spammers will be gone. What could be bad about that?

Amen, elsmore and Annette.

That, folks, is called addressing the issue. You can even call it Crisis Management. Silence or excuses just makes you look like you don't care--what could be worse in the eyes of a *potential* customer? You can be professional, graceful, and all those good things and put your company back in a good light. People do give second chances.

That's been my point about PR all day long.. :rolleyes: . Great thread, though. I've learned an enormous amount, so props to all...

and to all, a good night.

Originally posted by bully28
I think this thread is fascinating, and I think the folk who are calling for the moderator to remove the guy and in the same breath calling him fairly nasty things ought to take a look in the mirror.

i don't even deal with VO nor am i a host. but i do read. and VO has not responded to the accusation of the spammers still on their network.

IMHO it's an extremely fair topic and the accusations have not really been addressed. just lots of folks trying to scratch geek's eyes out because he's accused their beloved host.

come on. :)

Indeed.... I agree with you 100%

Originally posted by GeeksRUs


The modern Internet was born of a rather controlled anarchy, post-ARPA.

Most of the RBLs are not arbitrary at all. There are admins out there who feel that their fiefdoms should be so well protected that they will place blocks on providers based on strange rationale. Most, though, are simply human beings trying to do their jobs and deal with the ocean of spam that flows across the Internet every day. No other admin who runs a mail server is obligated to accept anyone else's mail. Servers are private property, and admins can set any rules they like. However, treating them as some providers (VO included) treat them is not the way to curry favour. Not addressing the flags that are raised right in front of your face is a very quick way to show others that you do not intend to be a good neighbour at all.

I've always thought that RBL was a bad idea. Am I alone on this?
When you run a small network, spam is easy to combat. When you run a large network, spam becomes a problem more frequently and then larger companies tend to turn to places like SPEWS. Sounds like a great solution at first but then you have companies like VO get caught up in people abusing their network
and getting added to real time blackhole lists.

I know a few of the guys who work there personally and they work their asses off to try and combat spam daily. Maybe the problems became so large with a particular spammer that some of it slipped through the cracks. Who knows.

I've learned a bit from reading this thread and it just backs my ideas of not allowing a third party (especially russians) to decide who can and cannot send me and my customers email.

Good luck to the guys at VO at finding and killing the unispammers!

Originally posted by DCSNetwork
Anybody try http://stocktalkreport.com lately?

Sometimes it's not what you say, it's how you say it. All the ranting and raving and lunacy (e.g., this thread) was ignored. A single properly-placed message courteously and intelligently citing the evidence did the trick.


As of 4/30/2002, 9:06 am EST, stocktalkreport.com is alive and well at 209.197.228.33 - squarely within a V.O. netblock.

Whoops....

-Bob

Go work for a couple of weeks and look what happens. :)

Yes, VO is still housing spammers. Direct spammers, open formmail scripts, etc. But I'm not doing any more homework for them. If they were interested in dealing with their spammers, they would have done it by now or asked for help from some quarter. Not me necessarily, but there's at least one offer from a fellow (respected) host right in this thread if they wanted assistance. Their lack of interest in their spammer problem is equalled only by their apparent lack of interest that more and more people will just drop them into private blocking lists and be done with them.

Maybe they don't deal with it as quickly as you'd like them to, or as quickly as some block list requires them to, but that doesn't mean they don't deal with it, nor don't care about the problem and just ignore it. Point is, don't judge any host based on outside entity rules.

I don't support spammers, hate them, as most of you do, however I also don't agree with judging someone based on 3rd party rules (must remove and account within x days or you'll be labled 'spam friendly' by us, etc.) I can see problems with that system, especially when the people running the system purposely make themselves unavailable. That's unacceptable to me.

I know this has been covered in so many words already, so that's just my comment, not really something I care to discuss all that much. It's just how I feel.

Originally posted by Chicken
Maybe they don't deal with it as quickly as you'd like them to, or as quickly as some block list requires them to, but that doesn't mean they don't deal with it, nor don't care about the problem and just ignore it. Point is, don't judge any host based on outside entity rules.


If you have a support team working 24/7 you should act on complaints as soon as they are received. VO had spammers on their netspace for months. that's not acting, that's outright ignoring. I send in a complaint, i expect to get an answer in a week, even if it means that they did not cut the offender off completely, but some kind of aknowledgement that they are doing something about it. VO did not do this. And continues to not do this.


I don't support spammers, hate them, as most of you do, however I also don't agree with judging someone based on 3rd party rules (must remove and account within x days or you'll be labled 'spam friendly' by us, etc.) I can see problems with that system, especially when the people running the system purposely make themselves unavailable. That's unacceptable to me.

Those "third party" rules are a collaboration of evidence provided by the general populous. Or evidence received by an individual. If i receive spam from a server; I report it. I dont get a repsonse or the spammer is still active well after I have complained, they end up in my "rules" of being blocked. Plain and simple. Again, we dont have to accept anyone's traffic if we dont want to. My server my rules. Its kinda neat how one person can have the same "beliefs' as many. Maybe there is something to it?

I don't mean the rules of spam, I mean rules such as:

If we don't receive a reply within 3 days, to the automated message we send out, in regards to a report we receive, then you'll be added to a block list.

Great but what if this was changed to 2 days? More hosts would be labled 'spam friendly' and if it was changed to 4 days, then less would be blocked. 3 days (or whatever amount of time they use) is arbitrary.

Is their automated system perfect? Does it make mistakes? Do you know exactly if it does or doesn't, or if it is perfect and works 100% of the time, or if there are errors, and how frequent these errors are, and the severity of these errors? How does their system handle forged headers and IPs? If you were placed on this list by mistake (whatever the reason), how easily is it to get the situation rectified? Etc...

Now, you may not wonder about these things, and maybe a good number who use these lists didn't even think about these things, yet they blindly trust a block list (which is fine, however I'm not that trusting). As I said, I don't care so much who uses it, but there is such a thing as misguided helpfulness, and while I don't condone spammers and can't stand them, and wish they were all blocked, I do see potential problems with automated systems and lists run by people who purposely do not provide discussion and resolution avenues, should something *happen* to be fouled up.

Anyone who wants to use this, is more than welcome to. I wouldn't and that's just my statement (for the reasons outlined above). Am I evil because I don't use the list? i don't think so. Is anyone evil if they do use the list? Nope, as you said, you dont have to accept anyone's traffic if you dont want to. Your server your rules.

If you happen to also block legitimate email due to using the list, well, that's due to your rules, no one else's. Likewise, if spam comes into one of the POP boxes on my server that could have been blocked via a list, well, that's my choice.

I was basically going to make that same comment that WizyWyg did. I don't think it's correct to claim that GeeksRUs is complaining about something unreasonable because s/he is impatient or expects too much. Sure, people have different opinions on what's taking too long or by what duration these issues should be acted upon, but months with no action... If that's the case (I admit I don't care to try and find out if they are hosting genuine SPAMMER's, especially for this duration), then I don't think it's unreasonable at all -- and I don't see how this is relevant to "outside" or "3rd party" type of rules or expectations. If that is the case, the SPAMMERs (in my opinion) should be dealt with as soon as possible. Not that it has to be within a couple of minutes, and certainly it's possible for other things to take priority, but to have it not dealt with after a few hours (or even days) is a bit long. Certainly you have to verify if they are a SPAMMER or how a SPAMMER was using your client's server and block them or remove their account, but that shouldn't take long -- and weeks or months. Well... I'm a bit surprised by this and a bit disappointed as well -- if this is truly the situation. In closing, not that this was the topic altogether, but I personally don't like the idea of RBL's, I've seen too many mistakes and incorrect "intrusions" on a lot of their parts. I do like the idea, but it often fails to work correctly or well. Then again, if a provider refused to take action, then everyone should block them. However, I still have seen too many problems associated with these lists, and although I will personally deal with any SPAM issue as soon as possible, I don't do it just to stay off lists -- that's just a bonus, I guess -- and I certainly wouldn't want on one of those lists anyway.

Originally posted by Tim_Greer
In closing, not that this was the topic altogether, but I personally don't like the idea of RBL's, I've seen too many mistakes and incorrect "intrusions" on a lot of their parts. I do like the idea, but it often fails to work correctly or well. Then again, if a provider refused to take action, then everyone should block them. However, I still have seen too many problems associated with these lists, and although I will personally deal with any SPAM issue as soon as possible, I don't do it just to stay off lists -- that's just a bonus, I guess -- and I certainly wouldn't want on one of those lists anyway.
This is pretty much what I was saying (or meant to say). I wasn't commenting on a specific host or situation/complaint, etc.

Originally posted by Chicken

This is pretty much what I was saying (or meant to say). I wasn't commenting on a specific host or situation/complaint, etc.

Got ya, and of course. :-)

Originally posted by Chicken
I don't mean the rules of spam, I mean rules such as:

If we don't receive a reply within 3 days, to the automated message we send out, in regards to a report we receive, then you'll be added to a block list.

Great but what if this was changed to 2 days? More hosts would be labled 'spam friendly' and if it was changed to 4 days, then less would be blocked. 3 days (or whatever amount of time they use) is arbitrary.

I suspect that those running the RBL services made a conscious decision to add after the specified number of days. Arbitrary? maybe.... what is the actual definition of arbitrary? If a decision is made based on what experience tells you is a workable number of days (soon enough to keep spam originating from the suspect network down to acceptable levels, yet long enough that most, or at least an acceptable percentage of administrators have time to either respond to the complaint or take action on it) is the decision arbitrary? I agree that if the decision was made by pulling a number out of a hat or some other random selection method, that decision would be suspect. However, in many cases, the RBL maintainers are actually trying to provide a usable service, which means that they attempt to use rational criteria to determine who gets added to the list and who doesn't.

Is their automated system perfect? Does it make mistakes? Do you know exactly if it does or doesn't, or if it is perfect and works 100% of the time, or if there are errors, and how frequent these errors are, and the severity of these errors? How does their system handle forged headers and IPs? If you were placed on this list by mistake (whatever the reason), how easily is it to get the situation rectified? Etc...

I have yet to see a perfect system of any kind anywhere. I would sure like to though. :) Of course there are going to be problems from time to time. If a specific RBL is consistently listing IP addresses or domains that should not be listed, that news will soon get around, and the RBL will gain a reputation of being to severe, untrustworthy, or not worth using. System administrators will begin to look elswhere (like other RBLs) for tools to help them control spam coming in to their system. If enough of them jump ship (and they will) it won't make a lot of difference who the rougue RBL puts in their list, because nobody (of importance) will be using their list.

Now, you may not wonder about these things, and maybe a good number who use these lists didn't even think about these things, yet they blindly trust a block list (which is fine, however I'm not that trusting). As I said, I don't care so much who uses it, but there is such a thing as misguided helpfulness, and while I don't condone spammers and can't stand them, and wish they were all blocked, I do see potential problems with automated systems and lists run by people who purposely do not provide discussion and resolution avenues, should something *happen* to be fouled up.


One thing I think is being missed in this discussion is HOW the RBL lists are being used. This is a decision made by each of those using the lists. It doesn't have to be a "you were on the list, some I'm sending all your mail to /dev/null" type of thing. If a particular RBL has a reputatation for "catching" some valid email, it is easy (and is often) set up to divert the mail into a "spam folder" where it can be reviewed later to retrieve the legitimate email. On my systems, I use a system that checks with the RBL(s) of the users choice, and then optionally diverts the spam into a spam folder. Once a day, a report is generated to each user listing the subject line, sender, intended recipient, and reply-to address of each email put into the spam folder that day, with a link to retrieve individual messages from that folder back into the main mailbox. Messages that don't get retrieved are automatically deleted from the spam folder after a few days. If an IP address winds up inappropriately on one of the RBLs that I use, all is not necessarily lost. I use this system because I don't "put blind faith" in a list run by third-parties. Other administrators I know use their own methods to verify that the RBLs they use are blocking spam and not catching legitimate mail.

In any case, while the RBLs get most of the bad press, the complaints should really be about system administrators who choose to use RBLs (at least poorly run ones). I have never heard of a case where a mail administrator was forced to use an RBL. I'm sure it has happened... but they were probably forced to by their boss and not the RBL maintainer. As an example... suppose I made a list and put the IP addresses of all mailservers used by anybody who posts to this thread in it, and made that list public. Would you be mad at me? Why should you be - it would have absolutely no effect on anybody. The only way it could affect anybody is if thousands of mail system administrators started using my list as an RBL service. Would that be my fault? Just for making a list of IP addresses public? ARIN has a list of IP addresses too... in fact they have a big list. :) Does anybody complain that they shouldn't be allowed to make their list public because someone may use it as criteria to block email?


Anyone who wants to use this, is more than welcome to. I wouldn't and that's just my statement (for the reasons outlined above). Am I evil because I don't use the list? i don't think so. Is anyone evil if they do use the list? Nope, as you said, you dont have to accept anyone's traffic if you dont want to. Your server your rules.

If you happen to also block legitimate email due to using the list, well, that's due to your rules, no one else's. Likewise, if spam comes into one of the POP boxes on my server that could have been blocked via a list, well, that's my choice.

Agreed. You have every right to not use RBLs, just as I have every right to use them. I probably don't trust them any more than you do either. I have found however, that when used properly, they make great tools. If I begin to use them improperly, and it affects you adversely, I think you should complain about me before you complain about the RBLs though. After all, I am the one blocking the mail, not someone maintaining a list somewhere, who doesn't even have access to my mailserver.

I agree with most of your view on this, but you aren't going to likely know what servers are using an RBL that are blocking your email. People do blindly use them, thinking it's the solution to stop SPAM. You aren't going to know who's directing your email to /dev/null and most people do not implement or consider implementing the same type of system you spoke of, to help ensure that legitimate emails aren't lost. Indeed, it can be the RBL at fault, and indeed, the word doesn't easily get around about them being wrong or bad, because people will probably assume you to be a SPAMMER. I know that I had some idiot's at an RBL blacklist MY server as an open relay. I only found out, when I got a lot of bounced messages from them intruding on my system to "test" it for being an open relay. It was not, and never was. They admitted this, yet they had my domain and IP listed. They didn't contact me, which is easy enough to do -- I didn't hide who I was or how to contact me. They just had a form on their site where anyone could type in your domain or IP and their system would _automatically_ test (aka, try and circumvent your SMTP service's security/functions) to try and confirm if you had an open relay. Even though I wasn't, whatsoever, and even though they repeatedly tried to break into my SMTP service, and although I asked them why they didn't contact me, and although I demanding they do in the future and not try and test my systems SMTP service for holes, and although they even admitted I wasn't an open relay, I was STILL listed, and they were associated with other RBL's, which some removed me and other's never did. Moreover, this RBL had some list that they were :selling: and it was just all a big scam. The RBL in question was http://orbz.org/ *Take a look at their page, they were SHUT DOWN for abusing people's mail servers -- because their lame scripts were hitting people's servers, causing crashes and the like (which they claimed was the fault of the admin running a mail server using software that wasn't compatible with THEIR scripts that tried to compromise the admin's SMTP mail server for being an open relay), which they contend was not their fault -- even though their scripts were so relentless to pound the server enough to crash (all that for testing for an open relay, without authorization?).. which is basically like me going and 'testing' their server to see if I can tie up port 80 for a while, or 'test' their services for exploits to gain unauthorized access). These idiot's were sued before and again and again. They continue to shut down (or be forced to shut down), then they get a new domain and move on and start all over again. This is not the only service like this and surely there are other such services that don't take these illegal measures to try and make money to compile lists of people that are open relays (even though they AREN'T!), just to get paranoid or unskilled system administrators interested in buying and using their list!).


RBL's suck, you are putting your business in other people's hands, and my finding's are that even though *some* (not all, by any means) have good intentions, they are worthless crap and more trouble than they are worth. I simply create my own recipes and would give user's an interface to use some intelligent filters. (i.e., unless it's your valid address in the TO field, you won't accept BCC emails, unless it's from someone in your approved list). That gets rid of 95% of all SPAM right there and you don't have other people control what you get or not. I could go on about this and how much RBL's suck, but I'm also not going to claim that ALL RBL's suck -- NOR will I dare claim that any provider that doesn't act on a SPAMMER within a week, or two, or (and especially) months', doesn't deserve to be on a black list (because they most certainly would at that point). I just mean to say, that when the RBL idea first was implemented and their policies were first idealized and realized and planned, that it worked. But, now, and with all these idiot's running them, you can't expect that you can contact the server admin running the RBL, because; you won't know everyone that is and your emails will be lost. You can't expect people to be educated about this, or they'd have created their own recipes and not used an RBL anyway. Actually, I won't go on about all the reasons why you CAN indeed blame the RBL, and not expect people to know they are not legit or they are very flawed in how they operate. Again, that's not to say that there aren't legit RBL's, but I think that RBL's should specifically and ONLY list providers that are contacted once you have confirmed they have a SPAMMER and if they refuse to act on it. Then by all means, block the SOB's. However, none of the RBL's work like that. Currently, it's too easy for people to get competitors listed on RBL's and there's no real process that allows the people using them to know the situation and circumstances of how a provider's IP class or specific IP was listed. Sure, you don't have to use the RBL, but the problem is, the people on the other end, not knowing even if this block is legit, are, and they are not using any customized plan to deal with and verify what emails are legit or not. If you're going to do that, why even use an RBL anyway. Indeed, there are a lot of pros and cons to this, and I would blame SPAMMER's first, bad providers second, RBL's third (after all, if providers acted on SPAM complaints, there'd be no need for RBL's!), and then the hosts and ISP's that use the RBL's without taking the time to understand all the ramifications, thereby creating more victims of the SPAMMER's that have nothing to do with their service as a host or ISP. I don't know what to think, but people sure make it a lot messier than it should be and it's just not doing much good at this point, other than making more people suffer unneedlessly.

VO gets negative publicity.


Not good. :eek: