Thread: Do Not Call listings to expire in 2008
View Single Post
  #27   Report Post  
Posted to rec.crafts.metalworking
Michael A. Terrell Michael A. Terrell is offline
external usenet poster
  
Posts: 12,924
Default Do Not Call listings to expire in 2008
"DoN. Nichols" wrote:

According to Michael A. Terrell :
"DoN. Nichols" wrote:

[ ... ]

If you look at the details of most spam source IPs from *any*
country, you will find that it is not from the ISP's servers, but from
cable or (A)DSL connected machines which are not *supposed* to be
sending out on port 25 (the SMTP port) anyway.


Appaerntly, Earthink is doing a good job trapping domestic spam. I
still see more foreign spam in languages that can't be displayed on my
computer, so all I see is random garbbage.

O.K. Glad to see that it is unreadable on a typical Windows
computer too. :-)

It is often (in my experience) either in the "Big-5"
characterset (Chinese) or the "KOIR-8" characterset (Korean) -- even
when it comes from IPs in the US. :-)

I usually see it as just a row of '?????' in the "Subject: " and
"From: " headers.

It just goes to show how the use of remotely compromised
machines makes it really difficult to trace down the real source of the
spam.

I also see a lot of repeated delivery attempts even though each
is rejected. Here are the ones with 40 or over refused attempts (this
week) before I blocked them totally by re-routing the IPs to 127.0.0.1.

================================================== ====================
40 pool-70-104-151-168.lsanca.fios.verizon.net
40 static-71-127-51-195.washdc.east.verizon.net
40 stsou2-wifinat.cust.termsnet.cz
41 89.123.33.250
41 c-71-198-191-149.hsd1.ca.comcast.net
42 68-186-243-229.dhcp.oxfr.ma.charter.com
48 sivka.carrier.kiev.ua
58 fmmailgate04.web.de
60 mx.alita.ru
64 mail.futures.ru
70 203.81.19.122
105 122.129.243.47
114 mail2.doubs.fr
================================================== ====================

As you can see -- there are quite a few in the US, even given
that all of the raw IPs are from outside the US (Korea in at least one
case, and China in another among the largest numbers.)

When I notice enough repeats of a given source scrolling up my
console window, I add it to the block list -- and depending on where it
is from -- I may expand that to as many IPs as I can.


How about importing all the addresses into a databse to sort them for
you?


Also -- notice that none of the US based ones have true DNS
names -- just auto-generated ones for the connections which are not
supposed to be running mail servers. I feel no compunction about
blocking those -- if they can't get a registered DNS entry indicating
that it is a mail server, then I don't need to accept SMTP connections
from them. :-)


I will be moving my websites to a new host soon, and likely have my
own problenms with a email server. They give me 2500 email accounts,
with the basic package.


--
Service to my country? Been there, Done that, and I've got my DD214 to
prove it.
Member of DAV #85.

Michael A. Terrell
Central Florida
Reply With QuoteReply With Quote