Comments on: 900,000 ISP customers blacklisted

Telewest, a U.K. Internet service provider, calls the antispam group's action "heavy-handed" but can't say it didn't see this coming.

[hadaso]

Giving users free software is not enough!

Giving users free software is not enough!

What ISPs should do is monitor for outgoing mail in large quantities going directly out of PCs or through their servers. Monitor their servers for exceptional bounce rates fromspecific users, scan outgoing email for spam, or at least sample outgoing email using automatic tools, and then automatically increase sampling when suspisious behaviour is found.

But most important: they should make subscribers aware that there are possible problems, that these problems may affect both their own computers and other people's computers, and that good security measures are important both as self protection and as responsible citizenship (netizenship), and they should promise the subscribers that they will alert them when there's trouble and help them resolve it.

The two most important things here are awareness and trust: subscribers should be aware of the possible problems, and trust their ISP both to tell them when something's wrong and to help them resolve the problem.

[System Tyrant]

Spam Blacklist

It goes to show that blacklist don't really work that well. You aren't going to stop spammers by blacklisting an IP address. What you really achieve is angering 900,000 users who are victims of spammers.

I believe if things don't change those who use the services of spam blacklisters are going to feel the sting of a backlash. It really comes down to the ISP though. They need to monitor their users without being intrusive.

The funny thing about blocking IP addresses and not domain names is that the spammer just moves to another server that isn't blocked while those on the blacklisted IP continue to suffer.

The amount of "colateral damage" done by blacklist services is going to become unacceptable at some point (if it already isn't) then what are we going to do?

[sanenazok]

"Collateral Damage"?

I agree that blacklists are pointless, but who exactly suffers by being put on one? Nobody should be running their own SMTP server for a legitimate reason, use your ISP's, this way spammers will get caught and accounts will be disabled. Since nobody should be running these servers, what exactly is the collateral damage to the "innocent"?

[My-Self]

Blacklist worked well ...

If the ISP decided to let the situation worsen to the point where 17000 of their IP are sending spam, then there is a major problem. By blacklisting them, SPEWS forced them to take action, and since they know they're guilty as charged, they don't even complain.
May that be a lesson for all other ISP who neglect to take preventive measures so that their network does not become a major spamming platform.

[Sam Papelbon]

exactly

the customers who leave their systems vulnerable end up annoying many other customers. getting blacklisted until they fix their systems is very appropriate.

say some criminal mastermind snuck into your house one day and is sending off mail bombs from your mailbox without you knowing he's even there. the police should be able to barricade your house off until he's ratted out even though you did nothing wrong. "but i don't have to lock my door!!" "no.. but here's a free lock"

[Razzl]

Blacklists work, focus on the real culprit

There are any number of major isp's out there who are taking appropriate measures to keep their customers from becoming spam zombies--customers of those who aren't should direct their ire at their isp, not at the blacklist. Blacklisting shuts off the zombies from that source and makes the isp correct the problem. Focus on the real culprit here, which is the isp, not on the blacklist, which is part of the medicine that cures the problem.