Results 1 to 25 of 35
-
03-01-2012, 01:42 PM #1Web Hosting Master
- Join Date
- Dec 2009
- Posts
- 693
IPs and the SPAMMERs that want them
Through the years, it has become more and more difficult to weed out the legitimate IP request, versus the ones bound for blacklisting. We have a justification policy, a very strict abuse department, and our IPs are not inexpensive to add. Yet each week it seems we are delisting another /24. This is a HUGE inconvenience not only for us, but for any client unfortunate enough to have IPs within that /24. I would love to hear from the community to hear their experiences. Lord, I HATE SPAM!
Rob Hivelocity
Home of the best cPanel pricing
www.Hivelocity.net Datacenters in Chicago, Dallas, New York, Los Angeles, Seattle, Atlanta, Tampa, Miami, Frankfurt, Amsterdam, Singapore, India!
-
03-01-2012, 01:49 PM #2WHT Addict
- Join Date
- Sep 2010
- Posts
- 105
Why not just advertise the IPs with port 25 blocked on all but 5 IPs or something?
-
03-01-2012, 01:53 PM #3You broke the internet!!
- Join Date
- Oct 2005
- Location
- Internet
- Posts
- 1,161
Find very good spam software and force everyone to use it? Or educate over night web hosts who don't know jack about running a hosting company.
★ www.GeekDub.com ★
-
03-01-2012, 02:44 PM #4Retired Moderator
- Join Date
- May 2004
- Location
- Toronto, Canada
- Posts
- 5,105
Do you find it is direct clients causing the problem or resold servers?
-
03-01-2012, 02:48 PM #5Web Hosting Master
- Join Date
- Dec 2009
- Posts
- 693
I have found it to be both honestly. Sometimes a direct client, sometimes it is a reseller who has a bad client. But we have also seen the reseller who swears it is not them, yet every IP is a SPAM source. Never wanting to call anyone a liar, although if the shoe fits.........
Rob Hivelocity
Home of the best cPanel pricing
www.Hivelocity.net Datacenters in Chicago, Dallas, New York, Los Angeles, Seattle, Atlanta, Tampa, Miami, Frankfurt, Amsterdam, Singapore, India!
-
03-01-2012, 03:01 PM #6Web Hosting Master
- Join Date
- Jun 2011
- Location
- Internet
- Posts
- 2,985
-
03-01-2012, 03:17 PM #7Web Hosting Master
- Join Date
- Dec 2009
- Posts
- 693
We have a strong abuse department that monitors the complaints, and we do understand these things sometimes happen. It is more the flippant client response of, "Oh really? Sorry about that." Then they are gone. One month of service, /24 listed, and they are on to the next host to repeat the process. Just frustrating.
Last edited by writespeak; 03-06-2012 at 11:47 AM. Reason: Added missing [/quote]
Rob Hivelocity
Home of the best cPanel pricing
www.Hivelocity.net Datacenters in Chicago, Dallas, New York, Los Angeles, Seattle, Atlanta, Tampa, Miami, Frankfurt, Amsterdam, Singapore, India!
-
03-01-2012, 03:25 PM #8Web Hosting Master
- Join Date
- Jun 2011
- Location
- Internet
- Posts
- 2,985
-
03-01-2012, 03:33 PM #9Cable Director
- Join Date
- Aug 2007
- Location
- Datacenter
- Posts
- 4,414
Those spammers are a serious pain in the ass indeed. We do the necessary checks before even accepting such customers. Mostly the default story like SEO and 'SSL hosting' or 'double opt-in' comes in mind, mostly used by a lot of spammers.
I advice companies who actually get such requests to do some work before even thinking of accepting them. Why would a legit mailing have a private whois? Why would he mail from a gmail address? Why would his name be listed on google as spammer. Why would he need reverse DNS on domains that are registered the same day? Those are things I run into myself when doing the checks so it's easy to filter out the bogus onesŧ www.InstantDedicated.com - Online in no time
ŧ Dedicated Servers in [EU] Netherlands + Belgium with DAILY support, also on weekends
ŧ 3.2 Tbit/s Network AS49453 with only 100 Gbit/s uplink backbone
ŧ 1G/10G/40G/100 Gbit ports available | 99,99% Network Uptime goal
-
03-01-2012, 03:33 PM #10Always there
- Join Date
- Jun 2004
- Location
- Europe
- Posts
- 3,822
We are currently testing a solution like this in one of our datacenters, we have build the solution in house. We had to design it carefully, to not breach any privacy regulation or impact in any way the privacy of clients or emails, it works very well so far. It does not block mail and does not have the capability to block mail, but it works wonders in finding spam originating from our network and report this to our abuse team, well before any blacklists come in action or even notice the spam activity.
We might consider to bring it on the market if we conclude all tests successfully over a longer period of time.█ Swiftway.net Your Business deserves our Quality - Experts on Hand since 2005. Europe & US locations, we operate our own network AS35017 Support response time <15 minutes 24/7
█ Introducing our new Entry level server line ! Support response time <15 minutes 24/7. Technology Fast 50 & Fast 500 award winning for multiple years, Your Business deserves Swiftway Quality.
-
03-01-2012, 03:39 PM #11Web Hosting Master
- Join Date
- Dec 2009
- Posts
- 693
I could not agree more, sounds like the same excuses we hear. The SPAMMERs are much more aware of the buzz words used for IP justification. We use SURBL, MXToolbox, DNS STuff, and Google, and they still get through.
Rob Hivelocity
Home of the best cPanel pricing
www.Hivelocity.net Datacenters in Chicago, Dallas, New York, Los Angeles, Seattle, Atlanta, Tampa, Miami, Frankfurt, Amsterdam, Singapore, India!
-
03-01-2012, 05:19 PM #12Now renamed!
- Join Date
- May 2009
- Location
- Vaduz/LI
- Posts
- 2,778
Yea... go complain about a few /24...
I have currently more than a /16 (total, not one block) listed at various RBLs because of stupid customers...
-
03-01-2012, 05:35 PM #13Web Hosting Master
- Join Date
- May 2005
- Posts
- 1,141
Why not just charge more per IP?
Spammers look for cheapest IPs possible. So just charge more. Then they won't have much of a motive to come and you'll have more resources to fend off these annoyances.
Sounds like a win-win situation to me.
Legitimate users? I can't really think of legitimate users who desperately needs cheap IPs at a mass quantity. Though, I'm sure I could be proved wrong.I have no sig to spam.
-
03-01-2012, 05:50 PM #14Web Hosting Master
- Join Date
- Sep 2010
- Location
- /usr/bin/fail
- Posts
- 859
Rate limiting port 25 per IP works pretty well for stopping or at least slowing down spammers.. Just impose a 600 or 1000 emails per hour limit just as you would in a typical shared hosting environment. We do this on our VPS host nodes via iptables and it allows us to catch the drive by spammers pretty quickly and usually before they hit the black list.
Using this method does not permanently block outgoing mail but it will delay it if to many are sent at one time.
-
03-01-2012, 06:08 PM #15Web Hosting Master
- Join Date
- Aug 2007
- Location
- L.A., CA
- Posts
- 3,710
Monitor your rDNS record changes...
EasyDCIM.com - DataCenter Infrastructure Management - HELLO DEDICATED SERVER & COLO PROVIDERS! - Reach Me: chris@easydcim.com
Bandwidth Billing | Inventory & Asset Management | Server Control
Order Forms | Reboots | IPMI Control | IP Management | Reverse&Forward DNS | Rack Management
-
03-02-2012, 03:50 AM #16Corporate Member
- Join Date
- Aug 2004
- Location
- Kauai, Hawaii
- Posts
- 3,799
Sounds like http://www.mailchannels.com/ except with the spam dropping turned off and only reporting enabled....?
-
03-02-2012, 03:21 PM #17Hosting provider
- Join Date
- May 2002
- Location
- Moscow
- Posts
- 1,602
Hi,
Blocking outgoing 25 port connection from all server ip's and forwarding all mails to own SMTP relay will decrease such issue for lot.TK Rustelekom LLC Dedicated server since 2002, RIPE NCC member, LIR
-
03-02-2012, 03:38 PM #18Junior Guru Wannabe
- Join Date
- Aug 2009
- Posts
- 58
I'd like to add to this thread by saying that hosting companies are very reluctant to give out IP space now days. Monitoring port 25 or outright blocking it is not the solution. I recently got service with a host who had a monitoring solution in place and detected mail going out on port 25. They rushed to judgement thinking the messages were spam (they actually viewed the messages), logged in via root and screwed with my MTA. Definitely wrong!! Are hosts now in the business of determining what is spam?
Like it or not it's part of the business. Spam is defined by CAN-SPAM law - like it or not. Also, IP justification is regulated by ARIN guidelines. Too many hosts now days have trouble understanding those 2 points....and just say "NO MAIL, NO ADULT, NO IRC, ETC" - yeah some dream business =)
Lastly, there are mailers who are compliant and receive very few complaints from commercial message activity. Spamhaus SBL issues are serious and in their own category. RBL listings, SpamCop complaints, ISP level Feedback loop complaints within limits are not so bad. A lot of times users forget they signed up. Some users are too lazy to click unsubscribe and feel like forwarding messages to SpamCop (select all --> forward)....
-
03-02-2012, 05:32 PM #19Hosting provider
- Join Date
- May 2002
- Location
- Moscow
- Posts
- 1,602
Host just want save their customer base and save himself from risks. While the internet have no regulation and anyone could block anyone (like Spamhaus for example does) and without any legitimate reason situation will not changed. This is problem with not only spam problem. Many popular resources block ip address due to various reason - from hacking attempt up to web spamming. Host could just don't be aware about such blocking till to time when victim customer do not complain this. Therefore every host want to save it's ip address space clean and safe.
Regards is it host business or not. With latest and progected changes in local law host could be set as responsible for any illegal activity which was done on his ip address space. Let's talk with Sweden police and court about this if you want but this is real life and none of the hosta want have his equipment to be seized.
PS. logging as root to your server is allowed on managed services so it is depend from situation.TK Rustelekom LLC Dedicated server since 2002, RIPE NCC member, LIR
-
03-02-2012, 06:04 PM #20Disabled
- Join Date
- Jun 2005
- Posts
- 3,455
Rob, I really want to help you on this. I have experience on this issue.
The only possible way to cut support and abuse issues on your side is to make sure people are who they claim to be.
There is no possible way, no automated systems, not checking each IPs, or handling a flood of abuse cases.
The only thing that works is hit them in their pockets and to do so you need to identify customers.
Spammers that hire one month and go away usually donīt care and donīt want to be identified either. Resellers or customers that say "Ouch, sorry, not going to do it anymore is not enough either, touch them in their pockets one time and it doesn't happen again"
First measure:
Identify customers. Try to identify a person, with whatever checks you can, phone check, identification upload, etc. If this means rendering automatic registration and service deployment on auto pilot useless, then do it.
The thing spammers love the most are automatic services where they pay and get the service the same day. You need to put an end on this unless you can do this with proper human verification as well at the same time.
After identifying a customer he thinks 10 times before spamming on your services. Usually its such a deterrent they will not even sign up.
And for current customers or spammers that still spam, a nice hefty invoice will do the trick. I see some hosts charging for example 500$ if an IP gets blacklisted because the customers spammed.
Of course they will try not to pay it, and some will leave, but do you really want customers which spam and give you just troubles? Of course not.
And once you have identified a client, you can charge him, even if he refuses to pay there are always collection agencies.
You can even do a strike system like someone mentioned. First time 50$, second 150$, third 500$ and termination.
Believe me, this works. Not only are people scared and more responsible about their services. This means resellers will take better precautions on their own clients to avoid the fee and current spammers will just look a company which is easier to get trough the filters.
Will it impact your business? Sure, a bit, getting a client to be identified could be frustrating, but business clients will have 0 issues with this and so will clients that really want to use your services.
I was in a similar situation and nothing could really help, not port blocking, rate, etc. Proper customer identification is a deterrent. People usually try to use a service in illegal ways if they are anonymous but not if they were identified as then there are consequences.
I know what some people are going to say, killing auto provisioning is going backwards. No, not really. Only for new customers. Current customers can still auto provision services. It's the new clients that need to be on hold until proper verification. Cloud companies and allot hosts do this already, because its one of the only ways to avoid this. Nobody wants lousy customers, and if someone has problems getting identified, you donīt want him on your servers or networks anyway.
And once customers are really "humans" not just a name with an email, they get more serious as well. This means they care more about what they hired. And if you bill them for each abuse issue, even if its 1$ per abuse ticket, it's a way to educated them and be responsible.
-
03-02-2012, 07:04 PM #21Junior Guru Wannabe
- Join Date
- Jan 2003
- Posts
- 66
What about requesting a longer pre-payment period for any extra ipblock to be approved in the first few months?
This would make your server 3-4x more expensive for fly by night spamming operation...
-
03-02-2012, 07:29 PM #22Disabled
- Join Date
- Jun 2005
- Posts
- 3,455
If your problem is with customers ordering tons of IPs which they use for Spam then the issue is really even easier to resolve.
Like "zas" pointed out, they should pay in advance or put a deposit.
What I see and works, instead of having them prepaid or putting a deposit charge a setup fee for the IPs.
Keep the current IP prices, so you donīt need to be more expensive with a prepaid payment or deposits but you just make it expensive for people ordering allot of IPs.
Since its only a 1 time setup, people with legitimate needs would not mind paying it, but spammers will as they only want to use it for 1 month. And the more they order the more expensive it gets. Its a deterrement for temporary usages but not for permanent ones.
Im not sure why hosts killed setup fees. Some years ago spammers where not a problem and every hosts had setups fees. Today its really strange to see a setup fee for a hosting account and you get all type of problems with fly night operations. Spam, spyware, phising, etc.
The setup was exactly to avoid this. People that have the intention to only order it for 1 month unil they are suspended because of spamming would not only pay more but it would be a good detterent.
As a customer myself from tons of services, including 10$ hosts and 1000$ servers. Setup was an issue for me, unless its very heavy, because I knew setup is just a one time price and I would prefer a bigger setup and a cheaper monthly prices then none setup but more expensive monthly charges. A great example is Hetzner and they sell like hotcakes. People like setups. Spammers donīt.
Hosting companies should re-introduce setup for somet stuff. Some years back, it was because the setup of accounts was manual and it took time for someone to do it. Then automatic provision came and setups where gone.
But IPs its a great idea. Setup fee for each assigned IP.
-
03-02-2012, 07:37 PM #23Junior Guru Wannabe
- Join Date
- Aug 2009
- Posts
- 58
-
03-03-2012, 04:23 AM #24Web Hosting Master
- Join Date
- May 2005
- Posts
- 1,141
-
03-03-2012, 08:19 AM #25Always there
- Join Date
- Jun 2004
- Location
- Europe
- Posts
- 3,822
█ Swiftway.net Your Business deserves our Quality - Experts on Hand since 2005. Europe & US locations, we operate our own network AS35017 Support response time <15 minutes 24/7
█ Introducing our new Entry level server line ! Support response time <15 minutes 24/7. Technology Fast 50 & Fast 500 award winning for multiple years, Your Business deserves Swiftway Quality.
Similar Threads
-
Core2Quad Dedicated Server & /25 IP Block (128 IPs) $425/mo - IPs Already Justified!
By rllunzmann in forum Other Hosting OffersReplies: 1Last Post: 12-11-2011, 12:13 AM -
Core2Quad Dedicated Server & /25 IP Block (128 IPs) $425/mo - IPs Already Justified!
By rllunzmann in forum Dedicated Hosting OffersReplies: 0Last Post: 10-11-2011, 05:17 PM -
Why WHM >> Networking Setup >> Nameserver IPs is not showing the IPs
By ninety9 in forum Hosting Security and TechnologyReplies: 4Last Post: 08-18-2010, 03:46 AM -
Cheapest SEO Hosting on 5 Different C Class IPs + 1 Bonus IP = 6 IPs for $6/Month
By indianets in forum Other Hosting OffersReplies: 0Last Post: 07-19-2008, 10:37 PM -
2checkout.com are spammers? or they are selling our email address to spammers..
By vicklai in forum Web Hosting LoungeReplies: 12Last Post: 11-17-2005, 03:06 AM