Page 1 of 3 123 LastLast
Results 1 to 15 of 35
  1. #1

    IPs and the SPAMMERs that want them

    Through the years, it has become more and more difficult to weed out the legitimate IP request, versus the ones bound for blacklisting. We have a justification policy, a very strict abuse department, and our IPs are not inexpensive to add. Yet each week it seems we are delisting another /24. This is a HUGE inconvenience not only for us, but for any client unfortunate enough to have IPs within that /24. I would love to hear from the community to hear their experiences. Lord, I HATE SPAM!
    Rob@HIVELOCITY.NET
    Bare Metal Servers. Colocation. Cloud Servers.
    Customers in over 130 countries. Since 2002.
    Follow us on Twitter @Hivelocity

  2. #2
    Why not just advertise the IPs with port 25 blocked on all but 5 IPs or something?

  3. #3
    Join Date
    Oct 2005
    Location
    Internet
    Posts
    1,050
    Find very good spam software and force everyone to use it? Or educate over night web hosts who don't know jack about running a hosting company.
    The web hosting market will never die. Virtual environments are forever the future and easily adapt to change. Welcome to the world wide web!

  4. #4
    Join Date
    May 2004
    Location
    Toronto, Canada
    Posts
    5,017
    Do you find it is direct clients causing the problem or resold servers?

  5. #5
    I have found it to be both honestly. Sometimes a direct client, sometimes it is a reseller who has a bad client. But we have also seen the reseller who swears it is not them, yet every IP is a SPAM source. Never wanting to call anyone a liar, although if the shoe fits.........
    Rob@HIVELOCITY.NET
    Bare Metal Servers. Colocation. Cloud Servers.
    Customers in over 130 countries. Since 2002.
    Follow us on Twitter @Hivelocity

  6. #6
    Join Date
    Jun 2011
    Location
    Internet
    Posts
    2,504
    Quote Originally Posted by Rob Hivelocity View Post
    I have found it to be both honestly. Sometimes a direct client, sometimes it is a reseller who has a bad client. But we have also seen the reseller who swears it is not them, yet every IP is a SPAM source. Never wanting to call anyone a liar, although if the shoe fits.........
    You could take up a 3 strikes policy - 3 incidents and that particular server gets suspended for investigation?

    We have recently taken up a much more strict policy on UDP floods - and we've successfully reduced attacks down from several per week to none.

  7. #7
    Quote Originally Posted by Flapadar View Post
    You could take up a 3 strikes policy - 3 incidents and that particular server gets suspended for investigation?
    We have a strong abuse department that monitors the complaints, and we do understand these things sometimes happen. It is more the flippant client response of, "Oh really? Sorry about that." Then they are gone. One month of service, /24 listed, and they are on to the next host to repeat the process. Just frustrating.
    Last edited by writespeak; 03-06-2012 at 11:47 AM. Reason: Added missing [/quote]
    Rob@HIVELOCITY.NET
    Bare Metal Servers. Colocation. Cloud Servers.
    Customers in over 130 countries. Since 2002.
    Follow us on Twitter @Hivelocity

  8. #8
    Join Date
    Jun 2011
    Location
    Internet
    Posts
    2,504
    Quote Originally Posted by Rob Hivelocity View Post
    We have a strong abuse department that monitors the complaints, and we do understand these things sometimes happen. It is more the flippant client response of, "Oh really? Sorry about that." Then they are gone. One month of service, /24 listed, and they are on to the next host to repeat the process. Just frustrating.
    Hetzner (from what I've noticed) have internal spam monitoring servers. I'm unsure how feasible that might be of an idea, but it's an idea.

  9. #9
    Join Date
    Aug 2007
    Location
    Belgium
    Posts
    3,872
    Those spammers are a serious pain in the ass indeed. We do the necessary checks before even accepting such customers. Mostly the default story like SEO and 'SSL hosting' or 'double opt-in' comes in mind, mostly used by a lot of spammers.

    I advice companies who actually get such requests to do some work before even thinking of accepting them. Why would a legit mailing have a private whois? Why would he mail from a gmail address? Why would his name be listed on google as spammer. Why would he need reverse DNS on domains that are registered the same day? Those are things I run into myself when doing the checks so it's easy to filter out the bogus ones
    InstantDedicated.com - Unmanaged Dedicated Servers with Instant Activation [EU and USA]
    ServerBoost.com - Managed Dedicated Servers with 24x7 On-Site Support [100% Uptime Guarantee]
    ≈ Locations: (The Netherlands) - Tier 3 [Dataplace] | (Miami) - Tier 3 - Pay via: Bitcoin, Paypal, Credit Card, Sofort Banking, Bancontact, Webmoney, iDEAL

  10. #10
    Join Date
    Jun 2004
    Location
    Europe
    Posts
    3,285
    Quote Originally Posted by Flapadar View Post
    Hetzner (from what I've noticed) have internal spam monitoring servers
    We are currently testing a solution like this in one of our datacenters, we have build the solution in house. We had to design it carefully, to not breach any privacy regulation or impact in any way the privacy of clients or emails, it works very well so far. It does not block mail and does not have the capability to block mail, but it works wonders in finding spam originating from our network and report this to our abuse team, well before any blacklists come in action or even notice the spam activity.
    We might consider to bring it on the market if we conclude all tests successfully over a longer period of time.
    Swiftway.net Your Business deserves our Quality - Experts on Hand since 2005. Primary locations: Netherlands, Chicago, Bay Area, Miami and New York.
    Support response time within 15 minutes 24x7 low priced dedicated servers available on Swiftway Serverdeals

  11. #11
    I could not agree more, sounds like the same excuses we hear. The SPAMMERs are much more aware of the buzz words used for IP justification. We use SURBL, MXToolbox, DNS STuff, and Google, and they still get through.
    Rob@HIVELOCITY.NET
    Bare Metal Servers. Colocation. Cloud Servers.
    Customers in over 130 countries. Since 2002.
    Follow us on Twitter @Hivelocity

  12. #12
    Join Date
    May 2009
    Location
    Vaduz/LI
    Posts
    2,486
    Yea... go complain about a few /24...
    I have currently more than a /16 (total, not one block) listed at various RBLs because of stupid customers...

  13. #13
    Why not just charge more per IP?
    Spammers look for cheapest IPs possible. So just charge more. Then they won't have much of a motive to come and you'll have more resources to fend off these annoyances.
    Sounds like a win-win situation to me.

    Legitimate users? I can't really think of legitimate users who desperately needs cheap IPs at a mass quantity. Though, I'm sure I could be proved wrong.
    I'm not a hosting company. I have no sig to spam.

  14. #14
    Join Date
    Sep 2010
    Location
    /usr/bin/fail
    Posts
    856
    Rate limiting port 25 per IP works pretty well for stopping or at least slowing down spammers.. Just impose a 600 or 1000 emails per hour limit just as you would in a typical shared hosting environment. We do this on our VPS host nodes via iptables and it allows us to catch the drive by spammers pretty quickly and usually before they hit the black list.

    Using this method does not permanently block outgoing mail but it will delay it if to many are sent at one time.
    JAXVPS Web Hosting Solutions - http://www.jaxvps.com
    Offering Premium SSD Shared, Reseller, and VPS Hosting Since 2010
    VPS servers available in both Jacksonville and Chicago locations

  15. #15
    Join Date
    Aug 2007
    Location
    L.A., CA
    Posts
    3,588
    Monitor your rDNS record changes...

    EasyDCIM.com - DataCenter Infrastructure Management - Reach Me: wht@fevvo.com
    Bandwidth Billing | Inventory & Asset Management | Server Control
    Order Forms | Reboots | IPMI Control | IP Management | Reverse&Forward DNS | Rack Management

Page 1 of 3 123 LastLast

Similar Threads

  1. Replies: 1
    Last Post: 12-11-2011, 12:13 AM
  2. Replies: 0
    Last Post: 10-11-2011, 05:17 PM
  3. Why WHM >> Networking Setup >> Nameserver IPs is not showing the IPs
    By ninety9 in forum Hosting Security and Technology
    Replies: 4
    Last Post: 08-18-2010, 03:46 AM
  4. Replies: 0
    Last Post: 07-19-2008, 10:37 PM
  5. Replies: 12
    Last Post: 11-17-2005, 03:06 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •