New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
I would just go to a $3.50 VPS provider that's also good and does not ask these things.
I usually cancel if ask for id but other verifications is usually fine with me.
I'm getting successful queries without contact information. Is this a bug or have you just not implemented the required contact field?
That.
Yes, because your datacenter is shit then. Utter shit. Shit that no one ever should use in any case. Idiotic choice, especially as i am sure you never asked them about abuse policy beforehand.
Must agree with @William here. If the Datacentre is not provider friendly they should gost no providers.
If the Datacentre null routes for spam, instead of acting adequately and block port 25, they should host no one.
I would force outgoing traffic through port 25 to a single host. Namely my own e-mail server with anti-spam features.
Queries after Dec. 1st will return an error if there's no contact information so I advise people to code in contact information now instead of forgetting about it later.
At some point if you get enough SBLs you will be shutdown.
@William and @Clouvider should we keep ROKSO customers? Ignore SBLs?
You are a pussy to bow in front of Spamhaus and get fucked by them (and you seem to love that), you sell your soul to some anonymous Swiss company.
You should NEVER just null an IP - You HAVE to contact the customer before and give him time to resolve the problem himself, at least 12 hours. Everyone does that, including Softlayer, Leaseweb and OVH and they never had escalation issues with Spamhaus.
Not typically cheap
Everyone deals with Spamhaus the same way, even the companies you mention.
What makes you think that we didn't do that? We always notify customers about the issue first, at least a couple times. It's easy to say crazy things and beat up on a provider when they can't share any facts.
Btw, just tried this. IPs were listed at sorbs. I understand blacklist issues but if your entire purpose is to avoid it... fail
Bad idea, 90% of spammers are stupid and come up on fraud record anyway
Just ask what email they are sending and how much and you should be fine, hopefully your spammers are as honest as the ones i see - "opt in newsletter" normally means spam...
@VPSSoldiers We have a pretty simple policy that tends to work for our group. If you request reverse DNS we require you have a forward DNS setup before requesting and if the hosts look fishy or to be spammers we immediately notify the customer that we have a no tolerance spam policy and if they begin to spam from the server one or more of the following will happen:
We will block port 25 to your server if you fail to reply to any abuse notification in 24 hours (the first time, second time we block immediately port 25 until the issue is confirmed resolved). In your case you are blocking until they ticket which is fine, but you should still let them know that failure to handle an abuse issue in a timely fashion will result in port 25 being disabled again.
We will bill your account administrative fees for having to deal with cleaning any ips (which they also agree to in the TOS) which can be from $25 (our base charge) to $500 depending on the abuse seen.
If there is any repeat to the abuse or you fail to contact us within 72 hours on an issue we will suspend your service.
Asking for ID won't really prove more than they are able to generate a fake ID in the worst case, and that they exist in the best. Either way, this will not prevent them from doing what they are intending, so really, this doesn't help you much. People without morals and ethics will still be people without morals and ethics whether they have given you their ID or not.
Asking their intended use for the service is completely within your purview and if a client refuses to give you information about their intended use, it is likely they intend to spam and you don't need them as a customer anyways, so let them be upset and leave.
You let one customer get away with it or allow them to get around these rules and that information will make it out and you will start getting a ton of sign-ups requesting the same stuff. If you stand strong on your rules you will find quickly that they will be passed around and your abuse sign-ups will eventually lessen in the same way.
You drive your services policy, not your $3 per month customers, if they can't deal with your policy then they weren't really a good customer to begin with. Let them go. There are many more fish out there that will buy without the want to abuse your services. If you start catering to random people and giving in on your policy people will see this and simply start abusing you.
my 2 cents.
Cheers!
What, no sperm sample?
Thats for every other port
/sarcasm
I was looking at this, then I saw the price.
You could use some phone verification or sms verification service.
Spammers don't have phones?
That's only cost-effective for millions of e-mails.
Sendgrid starts at only $80/mo with Subuser API.
It would add a layer of verification though and a waste of a lot of phone numbers, if people would repeatedly sign up to spam. I guess people will then move on and search for a provider where it is easier to spam.
You can also search and report phone numbers in fraud record, so it makes it easier to track people
I'm really looking for something transparent, not to hide the fact that I'm filtering but rather so people don't have to go through and setup a smarthost though maybe I should just do it that way and use something like SpamExperts.. At least then they have incoming filtering also...
Ehm, phone verification "services" cost for $.10 to $.50 a pop. That's rather dirt cheap.
I dont think that is the issue, I think they just don't want their IP space blacklisted.
Its not hard to monitor traffic flow on port 25 and then once a certain threshold is met, either send you an email or just suspend the VM.
You could also rate limit traffic on port 25
Setting up smarthost and pre scanning the Outbound mail would be the Good option for now as you said
Just my opinion
You may want to be careful with that, you are technically intercepting traffic
What are the other options out there aside from filtering? I understand there is rate limiting but that didn't seem to work last time I tried as I ended up null-routed.
Monitor the traffic volume on port 25 per IP. You'll see spammers right away, most of them are hit and run.
Or block port 25 by default and let customers request it from you. When they request it, you can then monitor port 25 traffic volume specifically.
Spammers don't send 2-3 emails a day and call that useful. You'll see a deluge of traffic very quickly
And make sure you say you rate limit port 25 in TOS or something so they won't even bother signing up.