Home page logo
/

nanog logo nanog mailing list archives

RE: Barracuda Networks is at it again: Any Suggestions as to an Alternative?
From: Ray Corbin <rcorbin () traffiq com>
Date: Mon, 11 Apr 2011 07:07:55 -0500

I don't think they had blocked mail coming/going from yahoo.com/google.com which would have been more careless to their 
subscribers (especially when our outbound units were processing a few million emails a day from our customers). They 
blocked the domains so you couldn't have a link to google/yahoo in the body and then set that as an update for all of 
their devices. I believe it was something about a URL redirect on each site that spammers were using..but this was a 
several years ago so I don't recall exactly.

-r

-----Original Message-----
From: Jon Lewis [mailto:jlewis () lewis org] 
Sent: Monday, April 11, 2011 7:56 AM
To: Ray Corbin
Cc: nanog () nanog org
Subject: RE: Barracuda Networks is at it again: Any Suggestions as to an Alternative?

On Mon, 11 Apr 2011, Ray Corbin wrote:

<rant>I had experience with Barracuda as outbound anti-spam filters for 
a very large hosting provider and I won't use Barracuda again. Some of 
their methods for blocking spam are a tad extreme. At one point they 
decided to block both yahoo.com and google.com in their domain filters 
because neither company responded timely to their complaint emails and 
wanted their attention.

Those both have pretty poor reputations for handling outgoing spam and 
other abuse issues.

Yahoo is notorious for the "the message in your complaint did not come 
from our servers" response, when any idiot who can read headers can see 
that it clearly did come from their servers.  They've gone a step beyond 
this recently by refusing to accept spam complaints to abuse () yahoo com 
unless they're in ARF format.  That raises the bar high enough that unless 
you have the skills to easily turn yahoo spam into ARF-compliant reports, 
you can no longer send them complaints when you receive spam from their 
servers.

Google (gmail.com) is the only free-mail provider I'm aware of that hides 
the spammer's originating IP.  All sorts of abuses seem to be tolerated 
there for much longer spans of time than you'd think it would take "the 
brightest of the brightest" to lock things down.  i.e. URL redirectors 
used by spammers for months, phishing collectors reported to Google 
security, and nothing apparently done about them.

Sometimes, the only way to get an appropriate reaction from an org that 
just doesn't seem to care about its abuse issues is to make those abuse 
issues cause them some pain.

----------------------------------------------------------------------
  Jon Lewis, MCP :)           |  I route
  Senior Network Engineer     |  therefore you are
  Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault