[Sysops-list] Fwd: abuse, SPAM, off-topic, jackass IDIOT moronic
junk mail repeating harassment
Samit Jana
samit at wlink.com.np
Sat Feb 10 15:12:56 NPT 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
We all know no matter how much we make our system secure or enforce strict
cyber law, there will be an incident sooner or later every now n then . But
our work is to make things tougher tougher for them and suffer more,
Mr. maxonline not using any smtp server directly, his subscriber/user
whosoever spamming via web posting thus abusing our web proxies misusing free
mail services.
Does anybody has real experience scanning high volume web traffic and
connections? I haven't googled or attempted ugly hack yet, have anybody
tried filtering web based mail content? does it work or possible?
I have deployed Danguradian content filtering using AV and maintaining
Blacklist URL database at some customers production proxies having low volume
traffic, with very negligible late response and service time,of course had
had very hard time to tune it for acceptable settings. But bit skeptical to
deploy it in our ISP production proxies where every proxies serves over
2000 connections/sec and over 5Mb traffic.Also Don't think it will be
practical either, proxies admin will have hell lot of good time :) .
On Saturday 10 February 2007 11:14, Gaurab Raj Upadhaya wrote:
> On Feb 10, 2007, at 4:43 AM, Samit Jana wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > Hi,
> >
> > So far I have received 3 complains like this from the non wlink
> > domain users,
> > and this is one of it. So, I have decided to blocked the domain.
> > However
> > Pavan dai says that he will try to finalize this issue via ispan
> > within next
> > couple of days.
> >
> > The idea of setting up RBL sounds good.
>
> Hi,
>
> I too think it's a good idea, but it can have huge pitfalls. Let's
> just look at this particular e-mail..
>
> >> NNTP-Posting-Host: 202.79.62.16
>
> that IP points to proxy6.wlink.com.np, and if someone puts that IPAnybody
has real experience in high volume web traffic and connections, have anybody
tried filtering web based mail content? does it work?
> address in the blacklist, then web based e-mails from many users of
> the wlink won't reach valid mail servers. and since this is http e-
> mail posting, you can't even re-direct port 25 traffic to a scrubber.
>
> but, since this is a pretty big issue for ISPs, as their entire
> blocks may get listed on RBLs, they do need to do something.
>
> I think ISPAN would rather be better to do huge publicity telling
> people that if you send unwanted e-mails to other people and ISPs
> receive complain then their internet account will be cancelled and
> they'll be blacklisted. This will discourage general people from
> doing that. And if you are giving service to a cyber cafe, then tell
> the cyber owner that they may be blacklisted if they don't co-operate.
>
>
> -- gaurab
>
>
> /////////////////////////////////////////////////////+9779851038080
> gaurab at lahai dot com
- --
With regards,
Samit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBRc2QHQ/ARsiwb5bmAQKg2gf+PrBFOPuXpvGl2GpYMlEuf9/g+t8ilX5n
uDG/BkzP065Gy4sGvUaTaBLWA4jjToLHL80ciGjSveAdPpcbblf1HVu9T2q4RXhQ
RI4TVVojYqK/b7SJ3S35czVBmiajHdPVDcL6CfQggk263rbiApAnUW5QcW4yroYg
9n8XHM5ANa4siKIzZ1vrjAYZBtcpQHm1/QnxLzwakHaOu7wXWz0KpPz6Amt/4r2Z
CBOmOBAUMw7pN7NlycLJQbPRtAFOT7dM3n6QaYpDVwTbYLKYmqkRHmLiYfMU1VTq
5a6AhAl6K/hJ6T/Ujn4chiWh7Eo+HSAnhoN0k157rleeDYF1M1AOlw==
=kkqG
-----END PGP SIGNATURE-----
More information about the Sysops-list
mailing list