They just DO NOT CARE.

[mc721221]

http://www.spamhaus.org/SBL/listings.lasso?isp=telkom.co.za


SBL27222
165.146.52.116/32 telkom.co.za
20-May-2005 15:08 GMT 419 Lottery Scam

SBL25075
165.146.3.0/24 telkom.co.za
19-Mar-2005 17:42 GMT Advance Fee Fraud via Hotmail

SBL24958
165.146.1.0/24 telkom.co.za
16-Mar-2005 18:19 GMT Advance Fee Fraud

SBL24845
165.146.53.0/24 telkom.co.za
12-Mar-2005 17:47 GMT Advance Fee Fraud via Hotmail

SBL24489
165.146.120.125/32 telkom.co.za
05-Mar-2005 02:11 GMT Virus Source

SBL23922
165.146.54.125/32 telkom.co.za
14-Feb-2005 16:56 GMT Advance Fee Fraud

SBL23316
165.146.26.86/32 telkom.co.za
29-Jan-2005 03:58 GMT Advance Fee Fraud

SBL22187
165.146.4.94/32 telkom.co.za
24-Dec-2004 00:02 GMT Virus infected PC

SBL21889
165.146.15.0/24 telkom.co.za
13-Dec-2004 12:45 GMT Advance Fee Fraud

 

[Karnaugh]

Errr, and what did you expect?

people with trojens on their PC's very often get exploited by spammers - and running an SMTP server on a dynamic IP is a rather stupid idea anyway.

 

[Byrd]

Errr - stupid? Even with dyndns? Telkom should be monitoring this and reporting odd activity to their clients.

Do Telkom really expect people that use less than 3 Gb a month to be the type of users that would be able to maintain reasonable security on their systems?

 

[mc721221]

Karnaugh - I said nothing about a SMTP server.

 

[Karnaugh]

Errr - stupid? Even with dyndns?

Yes - very stupid. Most big SMTP servers block dynamic IP ranges by default.

 

[bb_matt]

No ISP "cares" to that degree - it's simply impossible to keep on top of things like this.

Telkom run a dynamic IP address range like most ISP's do - there's no way in hell they can monitor all the people connecting to thier network and block people who have viruses - if they did that, they would go out of business, because half thier customers wouldn't be able to connect !

It's not the ISP's responsibility to ensure thier customers don't have viruses.

 

[Byrd]

Karnaugh - if that is the case why is it a problem to have an SMTP Server running and accessable. Surely spamming would then be impossible.

Secondly if you are running the server as a company server intended for internal communications purposes it could be usefull.

bb_mat - Where did I say disconnect users who have viruses? I thought that I had said "reporting odd activity to their clients". Simply because no ISP currently "Cares" to that degree it does not mean that they couldn't or wouldn't do so at some stage in the future.

I am sure that in the past somebody had said "It is impossible to scan all users incomming emails for viruses / spam, not because half their customers would not get any emails, but simply because it would prove too complex". Most ISP's now offer this kind of protection.

I know that it is not the responsibility of ISP's to ensure that their users do not have viruses. It is also not their responsibility to scan emails for viruses.

Your argument about Dynamic IP Address Ranges holds no water - they seem to find it relatively easy to keep track of traffic on an account.

 

[Karnaugh]

Karnaugh - if that is the case why is it a problem to have an SMTP Server running and accessable. Surely spamming would then be impossible.

That makes no sense - its the SMTP server that does make spamming possible - all ISP's have an upstream SMTP server that only allows sending from its own dynamic IP base - those servers are generaly not blocked. Dynamic IP ranges are blocked because those clients should be sending through their upstream SMTP server, not their own server.

Secondly if you are running the server as a company server intended for internal communications purposes it could be usefull.

And lots do - except they relay mail through a static IPd server, like their ISP one or an offsite server. Servers that are recieving mail which are on a dynamic IP are very anoying, and prone to mail loss.

Your argument about Dynamic IP Address Ranges holds no water - they seem to find it relatively easy to keep track of traffic on an account.

Traffic on accounts is drawn from the RADIUS authentication server for the RAS or PPPoE BRAS. Dynamic IP address ranges should only be relaying to an upstream SMTP or some other SMTP that is on a static IP - this is how it works, it need not "hold water" it simply is as it is.

 

[mancombseepgood]

Actually I agree with byrd and MC

Or does everyone else think Telkom don't make enough money for their services?!

Come on - they can afford to monitor every port 25 in and out - or am i missing something?

In fact I believe that the upstream guys should take responsibility for offering free filterning services to clients - at least to allow the client to turn this feature on or off for their account. This can be done, if they take an interest...

 

[Karnaugh]

The point that seems to not be getting through is that many other SMTP relay servers block dynamic IP ranges because they are a common source of spam. I dont advocate this, and personaly I'd drop my ISP like a rock if they didnt allow opt-out spam filttering - I run a few mail servers, and its actualy far easier on the server to bypass people who get large amounts of mail - Spamassassin and other filtering takes a crap load of resources.

Ideally in a traffic jam, getting everyone to reverse would solve the problem yes, but one has to accept the differences between "what should" and "what just IS"

SAIX monitoring the contents of your email (via "monitoring every port 25") is firstly rather illegal unless you agree to it (I sure as hell don't want them sniffing through my personal emails!!!?!?!). And secondly, it isn't going to stop the rest of the earth from rejecting the mails (unless they were to suddenly declare those address ranges static - which would require allot of resources and a huge mess of global routing tables). Also - are you familiar with the amount of resources (ie processing power) it would require to to layer 7 monitoring of every single ADSL users SMTP port?

If you're still lost then just go read the spam site FAQ's or something, I'm not trying to educate anyone on network management.

 

[mancombseepgood]

blah blah, blah blah, blah

 

[Darth Garth]

Easy solution.

They should simply block port 25 and shut down all folks who are infected as some overseas ISP's have done.

 

[Karnaugh]

The resources required to do this on ALL dsl lines would not be such a problem if bandwidth was not so low because of infected machibes

Well, considering it takes us a dedicated 2Ghz box with 1Gb of ram to do bayesian scanning about 10 emails a seccond (at full load) I'll let you be the judge of that, tailoring opt outs and DB look ups decreases that to about 10% load when the queue is full (which took me considerable time to optimise) - SAIX handle far more than that.

The rest of your post is nonsensical from a technical standpoint.

Why should the rest of us suffer limitations and prying into our personal emails because some machines are infected? And adding to that - other ISP's block dynamic ip blocks, solving the problem "once and for all" - so isnt that what you're saying.

"We should not be building surveillance technology into standards. Law enforcement was not supposed to be easy. Where it is easy, it's called a police state." -- Jeff Schiller 99.10.12