[139493] in North American Network Operators' Group
RE: Barracuda Networks is at it again: Any Suggestions as to an
daemon@ATHENA.MIT.EDU (Ray Corbin)
Mon Apr 11 08:08:07 2011
From: Ray Corbin <rcorbin@traffiq.com>
To: Jon Lewis <jlewis@lewis.org>
Date: Mon, 11 Apr 2011 07:07:55 -0500
In-Reply-To: <Pine.LNX.4.61.1104110743080.5148@soloth.lewis.org>
Cc: "nanog@nanog.org" <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
I don't think they had blocked mail coming/going from yahoo.com/google.com =
which would have been more careless to their subscribers (especially when o=
ur outbound units were processing a few million emails a day from our custo=
mers). They blocked the domains so you couldn't have a link to google/yahoo=
in the body and then set that as an update for all of their devices. I bel=
ieve it was something about a URL redirect on each site that spammers were =
using..but this was a several years ago so I don't recall exactly.
-r
-----Original Message-----
From: Jon Lewis [mailto:jlewis@lewis.org]=20
Sent: Monday, April 11, 2011 7:56 AM
To: Ray Corbin
Cc: nanog@nanog.org
Subject: RE: Barracuda Networks is at it again: Any Suggestions as to an Al=
ternative?
On Mon, 11 Apr 2011, Ray Corbin wrote:
> <rant>I had experience with Barracuda as outbound anti-spam filters for=20
> a very large hosting provider and I won't use Barracuda again. Some of=20
> their methods for blocking spam are a tad extreme. At one point they=20
> decided to block both yahoo.com and google.com in their domain filters=20
> because neither company responded timely to their complaint emails and=20
> wanted their attention.
Those both have pretty poor reputations for handling outgoing spam and=20
other abuse issues.
Yahoo is notorious for the "the message in your complaint did not come=20
from our servers" response, when any idiot who can read headers can see=20
that it clearly did come from their servers. They've gone a step beyond=20
this recently by refusing to accept spam complaints to abuse@yahoo.com=20
unless they're in ARF format. That raises the bar high enough that unless=
=20
you have the skills to easily turn yahoo spam into ARF-compliant reports,=20
you can no longer send them complaints when you receive spam from their=20
servers.
Google (gmail.com) is the only free-mail provider I'm aware of that hides=20
the spammer's originating IP. All sorts of abuses seem to be tolerated=20
there for much longer spans of time than you'd think it would take "the=20
brightest of the brightest" to lock things down. i.e. URL redirectors=20
used by spammers for months, phishing collectors reported to Google=20
security, and nothing apparently done about them.
Sometimes, the only way to get an appropriate reaction from an org that=20
just doesn't seem to care about its abuse issues is to make those abuse=20
issues cause them some pain.
----------------------------------------------------------------------
Jon Lewis, MCP :) | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
