On Thu, 22 May 2014 22:27:28 +0200 Jan Ingvoldstad <frett...@gmail.com> wrote:
> > I'm saying: > > Send an _e-mail_ to the abuse contact point for the IP address block > owner. > > Don't simply blacklist. Well, feel free to add the IP address in > question to a local blacklist, but if you can't be arsed to notify the > netblock owner, don't expect anything to happen with the problem. > And don't expect anything to happen anyway. I notify universities, large, well-known companies, and most companies in my own country. ISPs and everyone else are a waste of time, and many parts of the world (I'm looking at you, LACNIC) don't even seem to publish abuse addresses. The large email hosts (Google, AOL, Yahoo etc.) don't have abuse addresses as such, and make it extremely difficult for anyone other than their own customers to report abuse. But you normally only get one spam at a time from one ISP, which suggests they do spot the problem themselves fairly quickly: I usually see spam that is many hours old, and it's rare that I get two from one CIDR block on the same day. And I've seen enough scare stories about major ISPs getting on public blacklists, even if only temporarily, so I make one of my own, that way I make the decision as to who goes in it. All dynamic blocks are fair game, as are certain large US ISPs (Roadrunner, Comcast etc.) and anything where the offending PTR is a disguised IP address. Plus about twenty country codes and two named European ISPs... and Hinet, of course. -- Joe -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.debian.org/20140522231738.4f8ad...@jretrading.com
