RE: UCEProtect Level 3

I seem to recall that Mailstreet/MXlogic firewalls off (not rejects at SMTP level) any AS listed in UCEProtect, at least of about a year or so ago.

- S

I would be very surprised indeed if MX Logic did something like that.

srs

We had complaints about our entire ASN being listed too, due to a bunch of infected hosts in a sub-allocated /23 (out of our nearly /16 of space). The best part is they don't bother to report the abuse, they just block the entire ASN, not terribly productive.

John van Oppen
Spectrum Networks LLC
Direct: 206.973.8302
Main: 206.973.8300
Website: http://spectrumnetworks.us

You wont find me holding up uceprotect or apews as fine examples of
properly or even competently run lists, I'd point you to spamhaus for
that.

But, in this day and age, and with the volumes of spam around, I'd
counsel you NOT to wait for or expect manual complaints to your abuse
desk, almost nobody does that these days.

Feel free to signup for AOL etc feedback loops and you'd probably get
a much higher volume of complaints - enough that you'd have to
dedicate an email address to it, and use the scriptability of the ARF
format these feedback loops are sent in, so you can get / generate
stats.

Periodic rDNS scans of your network, and either making rDNS requests
manual, or at least running periodic rDNS scans of your network to
spot that kind of customer would make sense too. You must admit that
the kind of rDNS Steve Champeon posted in in that very long list
upthread sticks out like a sore thumb.

--srs

I agree, spamhaus has always been great.

We were on a few feedback loops and senderbase.org did not show much for that subnet... anyway solved now. Got the ex-customer's other ISP to block the announcement since we killed it a while ago, also removed the SWIP. :wink:

John van Oppen
Spectrum Networks LLC
Direct: 206.973.8302
Main: 206.973.8300
Website: http://spectrumnetworks.us