Unacceptable: Forced to use WBS's SMTP server

[inso]

That should be up to the mail admin, not the ISP.

I was referring to mail being relayed through the internet. As soon as it leaves your network, its out of your control, so whether your ISP or the receiver's ISP / corporate policy does it is a moot point.

Hell yeah it will. But As I stated in my earlier posts if they come down hard on the offenders then it will cause them to be avoid by spammers. Anyway whats stopping spammers just using the WBS mail server now? And when that gets blocked?

Now you can very easily set up sane rates. Spammers work on the shotgun effect: try and broadcast to as many as possible, as fast as you can. You can now easily have it tarpitted, so that as soon as some IP address is sending its 20th email in the past 5 seconds (just random numbers), you start decreasing the throughput with which you handle his email requests. It should be fairly easy to come up with a break-through point where it minimally affects the user, but severely pisses off the spammer.

I would love to know where you dragged that number from. I agree the majority of users will be uneffected by I think you would find the amount of effected users far higher. I'm thinking of people who run there own servers, monitor mail servers, pay for a special mail server setup (i.e. a system which archives all mail, or digitally signs all mail automatically), the WBS resellers who run their own mail servers and all their clients and so on. Yes I agree that at the end of the day the bulk can work around it. My issue is why should they have to?

Let's call it an informed thumbsuck. As I said, the biggest majority of ISP users are plain vanilla dial-up users, with very simple email needs. They just need to point the MUA at something, and they mostly shouldn't be running their own mail server anyway. Corporates should have a mail hub that focuses all their mail on one server, after which it is trivial to add the iBurst SMTP server as a smarthost. You really have to have a special need to not be able to use their relay server.

Agreed when choosing iBurst personally and recommending to friends/family/clients it wasn't a factor since it wasn't an issue. Now that it is blocked and the way WBS has handled this it is an issue and it is a factor in cancelling iBursts and not recommending it to anyone else.

It's not difficult, but why with very little warning should this be shoved onto people to do.

My question, once again, is: besides the way that they handled it (which I *agree* could have been MUCH better), what impact does it have on any normal customer/family member/friend who simply has to change their software once?

Care to name one? I have never seen this practise on an major ISP level, ANYWHERE. I've seen it done in other places before, mostly on a corporate level. But NEVER an "major" ISP level.

Just search through slashdot -- there are numerous big ISPs mentioned there. In fact, the practice of blocking port 25 has been discussed /ad nauseum/ there, and may provide insight for those not convinced yet Also, as always, google is your friend.

A selected few to get you started:

• They Blocked My SMTP, Now What? -- Advice for everyone stuck with the current setup
• ISP Responsibility in Fight Against Spam
• FTC Recommends ISPs Disconnect Spam Zombies
• More MyDoom Gloom -- Starts out with Optus (a HUGE .au ISP) blocking port 25, albeit selectively

How so? It seems now all the spammers need do is use the WBS mail servers. Which in turn slows them down, makes them less reliable, and gets them blocked. Seems to me that this is a bad move.

See my reasoning above. The other nice thing that this catches are all these new viruses which start their own SMTP mailing -- instant fix to another scourge. And tarpitting them at the SMTP server will also catch variants that will try to relay the message.

The thing is, now ISPs can monitor volumes of email sent by customer; this will provide them with a stick with which to beat clues into the clueless. And again, I'm not saying anything about iBurst or any other provider's previous actions; I'm assuming a good, responsible ISP in all my posts.

In my case I have to change 30 domain names records for this. I need to test all the records before appling them. I need to generate the SPF information. I need to hope that WBS does not change there IP addresses and mail server domain names without prior warning or it will break the SPF again.
The change itself isn't hard, it's everything else that goes with it thats time consuming and hard.

This unfortunately falls more into good customer relations and management, rather than the problem of blocking port 25 as such. They have a responsibility towards their customers to maintain a stable network, and not effect changes that will make life difficult for everyone.

 

[inso]

I entirely disagree that it's a good measure to overcome spammers, and spamming. It is in my view, braindead.

The proper way to deal with it, would have been to put their modem IP range into the MAPS DUL list so that no corporate, or sane SMTP server would even think of receiving mail from them.

I maintain that it has its place. It can stop braindead viruses dead, and severly limit spammers' options if you employ tarpitting. You now also have a pretty solid record of any possible abuse by a user, should the NIA/NPA start an investigation, which will help your legal case, as another user wanted. By forcing users through one / a few servers, they will ultimately be removed from DULs, since no more spam can directly originate from users, which makes the DULs/RBLs more optimised. Queries against it will be limited to those few machines, allowing for other benefits, such as result caching.

Your comment was specific to regardt's case. I was trying to extrapolate it to the fact that "not everyone does this" or has that kind of control over their boxen. And that is a fact. "You get what you pay for" doesn't seem to be the case with iBurst, at the moment. And that, quite frankly is what this discussion is about.

Sure, but I was also generalising the fact that this change doesn't affect nearly as many people as you'd like. We've gone over those special cases before, and with research or co-operation from iBurst, you should be able to fix your problems.

Unfortunately, I'm not mistaken. I saw those pings during the course of the first morning. From a pretty nice fat local backbone driven by Diginet, not iBurst. Matt's indicated that it wasn't due to routers amongst they way either. It has obviously calmed down this evening. Who knows what tomorrow holds?

Let's call it growing pains, then, and give them the benefit of the doubt. I'm again looking at mtr, and everything seems fine here. I'm trying to be objective here -- I have nothing to gain or lose from iBurst being slated, but I do have a desire to keep the discussion objective, since a LOT of postings here are too subjective and just rants and moans.

This, exactly is my argument, I fail to see how this is prudent. Please convince me otherwise, because I feel like I may be missing you on this point. How is forcing all mail through WBS's smtp server that just blindly forwards everything kerbing a lone spammer? Am I missing something terribly obvious? I just don't see it.

I hope I have made that point now. Sure, it would be easy for a spammer to get around it, if the mail server just does what it does, blindly. But the point is that the ISP now has more control over that, which they are responsible for tuning now. Before this move, they had zero control over SMTP zombies on their network; a network for which they are responsible, and need to maintain a QoS for.

Unless we take WBS's "The relaying of bulkmail is discouraged on the iBurst network. Certain restrictive measures will be enforced to ensure that the relaying of bulk mail does not adversely affect other traffic on the network." statement to mean that there may be even MORE limitations on sending mail than what we know of? What, are they now going to limit you to 1 email per minute? Who decides what is "bulk" email? WBS? I hate spam as much as the next guy, but hell, this is getting ridiculous.

Well, this will be simple. If they anger their users even more, they will lose more business. Hopefully, they will choose sane defaults, but you as consumer still has the deciding (monetary) factor.

This whole thing reminds me of people moaning about falling into a stop-go queue at roadworks. Ostensibly, the road works are there to better the service for everyone, but only a select few have a terrible issue with it, since they may be in a big hurry. There are ways around it; if you are prepared, you can take your 4x4 through the field next to the road, but for most people the wait is bearable, for the bigger cause. If you absolutely cannot live with it, take a different road, or build your own, at great expense, that only you can travel on. Maybe a bad analogy, but that may be the socialist in me

 

[TheRoDent]

Now you can very easily set up sane rates. Spammers work on the shotgun effect: try and broadcast to as many as possible, as fast as you can. You can now easily have it tarpitted, so that as soon as some IP address is sending its 20th email in the past 5 seconds (just random numbers), you start decreasing the throughput with which you handle his email requests. It should be fairly easy to come up with a break-through point where it minimally affects the user, but severely pisses off the spammer.

And this warranted the installation of an intrusive SMTP server? I can imagine about a dozen iptables rules that would have sorted that out perfectly well, without interfering with SMTP.

I still fail to see how a MAPS DUL listing wouldn't have easily solved this issue.

Just search through slashdot -- there are numerous big ISPs mentioned there. In fact, the practice of blocking port 25 has been discussed /ad nauseum/ there, and may provide insight for those not convinced yet Also, as always, google is your friend.

None of those articles convinced me that this is sane practice. In fact most of the populace and comments indicate that one should move ISP's when such invasive measures are encountered, and I can say that I have to agree. The Optus userbase were just as angry when this ocurred.

They have a responsibility towards their customers to maintain a stable network, and not effect changes that will make life difficult for everyone.

I think they have larger problems than SMTP when it comes to stabilizing their network, but that's beside the point. The issue for me is that iBurst is now essentially useless for "professional" use. Perhaps this is their strategy and the true reason behind this madness.

Sentech didn't have to resort to these kind of measures. Telkom don't have these measures. Yet their services still seem to be working pretty darn reliably.

Welcome to iBurst ! Dial-up style highspeed crippled broadband for mom and dad. Yay.

 

[DFantom]

Now you can very easily set up sane rates.

Fair enough, but this does not stop spam, spammers, or lower the chances that WBS could be blacklisted.
This also could have been done with an SMTP proxy that all SMTP traffic is route to it first on the WBS network.

Let's call it an informed thumbsuck.

OK. My informed thubsuck tells me that initially this will effect around 15% of users while this will eventually drop to around 3-5% of users. I can not see in any ideal world how it is 0.01% is only effect. To put this in real numbers, the last number out of WBS was there was 8000 users, which by your amount means that less than one user is effected. I know personally more than that have been effected.

what impact does it have on any normal customer/family member/friend who simply has to change their software once?

Agreed, the normal users are effected to a small part. But that is not the issue here. This forum is not made up of normal users for the most part. The issue is that advanced users, and users in special situations are screwed by WBS thanks to bad communication which you seem to agree with.

A selected few to get you started:

Thanks for the time taken on this. But lets have a look through what you provided

They Blocked My SMTP, Now What? -- Advice for everyone stuck with the current setup

Lists Arnet and Charter, two ISP's I've never heard of let alone seem to be "huge"

[*]ISP Responsibility in Fight Against Spam
[*]FTC Recommends ISPs Disconnect Spam Zombies
[*]More MyDoom Gloom -- Starts out with Optus (a HUGE .au ISP) blocking port 25, albeit selectively

Nothing about a major ISP blocking port 25 traffic? :|

I still fail to see how a MAPS DUL listing wouldn't have easily solved this issue.

Care to explain how it could? I fail to see how, by itself, a MAPS DUL would stop spam.
I do believe it should have been done though, and used in conjunction with a number of other solutions (SPF, tarpits, specific rules, more enforcing of the AUP on spammers etc...) to provide a complete system that does not cause problems for the users while at the same time provide a higher security level and lower spam/virus levels.

 

[DFantom]

Also, as always, google is your friend.

I googled and found this nice list of american ISP's that block
http://www.kwsonline.com/rcenter/ispconfig.htm
Also found an article about telstra blocking. So, I'll agree that some huge ISP's block port 25.
But I also found plenty of articles ripping the theory to threads and providing alternatives and lots that suggested it as a good system, I also found a perfect example of how this hould have been handled
http://www.computerworld.co.nz/news.nsf/0/220264123067C2A4CC2570190038909E?OpenDocument

I see your point is the theory of port 25 blocking is good, and on many levels it is. But at the end of the day the real problem is communication failed, AGAIN, with WBS. And again, WBS looks like they are incompetent and again WBS is losing clients. I see you say, it's growing pains, well maybe WBS should start learning from it's pains instead of repeating the same mistakes time and again. Hell go off, head hunt so people from ISP's who have been around for a while and get them in their to advise, running an ISP is not like running a lotto network and there constant treating of iBurst as the same as the lotto network is the real issues.

 

[TheRoDent]

A listing of iBursts' ip range in the MAPS DUL list would kerb spam to a large degree. Most mailservers these days refuse SMTP transactions from anyone listed in the DUL. Telkom's ADSL IP's are all in the MAPS DUL. Granted, not every SMTP server out their uses the DUL, but most well maintained ones do.

This, in my view, goes a great way to stop spammers from directly contacting SMTP servers via their iBurst assigned IP. This is a "least harm" first approach to controlling bulk mailers on your network. Granted, it's not the only approach that would lead to stopping unsolicited SMTP traffic from the iBurst userbase, but it is a much better start than simply blocking all SMTP traffic. In conjunction with the other mechanisms you mentioned, a least harm result could have been obtained.

Telkom, and Sentech did this. I don't hear complaints from Sentech or Telkom users about SMTP. They can use their ISP's relay if they so choose, but they're also free to contact their own SMTP servers from their terminals in a manner consistent with the actual design of SMTP (which I will grant, in this age of spam, is ageing, croaking, and flawed).

My problem isn't with the fact that WBS took steps to reduce spam and zombie SMTP traffic from it's subscribers. My problem is with their "solution". There are a great many options which would have had a less detrimental effect.

 

[jmn]

Tx inso, TheRoDent, DFantom, this is a very interesting discussion, actually worth saving.

 

[DFantom]

This, in my view, goes a great way to stop spammers from directly contacting SMTP servers via their iBurst assigned IP. This is a "least harm" first approach to controlling bulk mailers on your network. Granted, it's not the only approach that would lead to stopping unsolicited SMTP traffic from the iBurst userbase, but it is a much better start than simply blocking all SMTP traffic.

Agree 100% with that.

 

[ic]

// begging for shorter replies to match my short attention span...

 

[Azgard]

This might have been discussed already, if it has been I'm sorry but it would take me ages to read through this whole thread.

Now that WBS have blocked SMTP servers does that mean I can't send mail with gmail anymore? I tried tonight and wondered why it wasn't working then remembered hearing about this. I've been saying IBurst is good up until now but if this is the case I'm looking for another ISP.

 

[MrH]

Gmail is working fine, maybe you had a bad signal when you tried.

 

[Azgard]

I can get into gmail and receive mail fine, signal at full as always. But none of my sent messages go through, I tried sending one to my email forwarding account to test and it didn't go through. But sent one to my gmail account from WBS webmail and it works fine :/

 

[MrH]

Thats weird and I just tried now from my webmail (not wbs webmail) to gmail and it's working fine. Maybe it has something to do with the wbs webmail account.

Also worked from gmail to webmail.

 

[MrH]

Just tried again now and it's not working in either direction.

Did a test from gmail to gmail and that works.

Also did a test from webmail to webmail and that also works.

Seems to be a problem between the two of them for some reason.

maybe someone else can do tests from other email providers to see if that works.

 

[TheRoDent]

You won't be able to use GMail's SMTP service any more. You have to relay through smtp.wbs.co.za, by changing your SMTP server for your gmail account in e.g. Outlook Express.

If you're lucky, and WBS's mail server feels like it, it might go through. However direct SMTP'ing via gmail is over.

 

[MrH]

If thats the case then as much as I like iburst speed I can't see me putting up with this cr@p for too much longer.

 

[slimothy]

i'm not sure about this whole thing, because i tried hotmail and it worked and then it didnt and then it did but took a long time, so either they're still playing with it or some servers are excempt, which i doubt

 

[regardtv]

Supposedly some mail servers will be exempt....

Just wish they went the maps route....grrrr

 

[seburn]

Anyone else only allowed to send 2mb using forced wbs smtp. I got a rejection reply.

 

[GRES]

Sending hundreeds of E-mails with 2 - 15Mb size. No problem at all. Was problem to recieve such mail from USA-based server but now it's fixed.
IMHO you recipient mailbox has restriction.