Author: wilson.chua
Date: Feb 14, 2007 23:20
Hi Admins of UCEProtect
I read thru your readme file about how we got one of our mail servers
listed (202.91.163.31). I grepped through the maillog files and sure
enough found one record with the UCEPROTECT label. I am willing to pay
for the instant removal of our IP. As I don't have PayPal or use
Moneybookers, do you accept other forms of payment? (note, I have a Visa
card).
Secondly, while I was able to trace the record, I am not certain as to
which of our hosted domains (we are a data center hosting facility) in
fact sent the erring piece of email. The IP belongs to a server that
is hosting several virtual servers with about 90 hosted domains. We are
running Plesk with Horde on the domain, so all the records from
all the domains are lumped into one big maillog file. Any assistance
would be appreciated. The maillog does not indicate a from: data you
see.
This is what I can see from our maillog:
Author: Seth Breidbart
Date: Feb 14, 2007 19:56
In article news5.newsguy.com>, ipal.net> wrote:
>On Wed, 14 Feb 2007 14:14:32 GMT Seth Breidbart panix.com> wrote:
>| I define "backscatter" as NDNs and C/R challenges sent to me when I
>| didn't send whatever caused them to be generated.
>
>But when does backscatter rise to be spam?
When it's bulky.
> It's quite clear that it is
>unsolicited. The point some argue about is whether it is bulk. When
>focusing on a single message, of course it won't be bulk. But that
>mail server could very well be backscattering 1:1 for every piece of
>spam that is happening.
Backscatter in response to a single person-to-person typoed message
isn't spam, even if one of the typos is in the From address. I've
never seen any of that kind.
Backscatter in response to a spam run or other bulky thing is spam.
(So yes, I consider the ton of crap I get whenever I post to Bugtraq
as spam.)
Seth
Author: DevilsPGD
Date: Feb 14, 2007 19:55
>According to ipal.net>:
>
>> There are many reasons to not do backscatter, and virtually no reasons
>> to do so. The biggest reason I've heard is that a few mail programs do
>> not...
Author: Chris Lewis
Date: Feb 14, 2007 12:23
> On Wed, 14 Feb 2007 17:09:18 GMT Chris Lewis nortelnetworks.com> wrote:
> | They were already aware of the problems with blowback (which is indirectly
> | how they came to be speaking to me), were taking measures to try to reduce
> | it, and volunteered that they felt that the policy was being inappropriately
> | applied, but ... stuck they were.
> | Conflicting security considerations can be a PITA.
> Would at least blackholing the NDNs be in conflict with the requirements
> they had to work under?
Compliant with the security requirements perhaps, but in this particular
case, skirting very close (if not right over the edge) of non-compliance
with laws and regulations covering them.
Believe me, I don't think you want _these_ NDRs to blackhole. At least
if you're American.
Author: Hal Murray
Date: Feb 14, 2007 10:46
>A day or two ago, I was speaking to a, er, "governmental agency"
>(which I'll leave nameless) that was more than a bit "stuck".
>
>Security policies imposed on them from the, er, "another governmental
>agency" was such that it was impossible from a security perspective to
>have the front end (required to be _outside_ of the DMZ) "know" what
>the valid recipients were (either by file or realtime query), and that
>was true even for the next mail server in the chain (DMZ).
>
>They were already aware of the problems with blowback (which is indirectly
>how they came to be speaking to me), were taking measures to try to reduce
>it, and volunteered that they felt that the policy was being inappropriately
>applied, but ... stuck they were.
I assume they have a policy against OOO crap.
They are probably smart enough to understand the tradeoffs. I'll
bet they would be happy if they could just turn off NDRs and
would accept the confusion when mail is lost without any notice
in the case of typos.
Author: phil-news-nospam
Date: Feb 14, 2007 09:36
On Wed, 14 Feb 2007 17:09:18 GMT Chris Lewis nortelnetworks.com> wrote:
| According to ipal.net>:
|
|> There are many reasons to not do backscatter, and virtually no reasons
|> to do so. The biggest reason I've heard is that a few mail programs do
|> not have a way to avoid backscatter due to poor design. But the excuse
|> doesn't fly well because there are plenty of mail server programs that
|> can do TRT.
|
| A day or two ago, I was speaking to a, er, "governmental agency"
| (which I'll leave nameless) that was more than a bit "stuck".
|
| Security policies imposed on them from the, er, "another governmental
| agency" was such that it was impossible from a security perspective to
| have the front end (required to be _outside_ of the DMZ) "know" what
| the valid recipients were (either by file or realtime query), and that
| was true even for the next mail server in the chain (DMZ).
|
| They were already aware of the problems with blowback (which is indirectly
| how they came to be speaking to me), were taking measures to try to reduce ...
Author: Chris Lewis
Date: Feb 14, 2007 09:09
> There are many reasons to not do backscatter, and virtually no reasons
> to do so. The biggest reason I've heard is that a few mail programs do
> not have a way to avoid backscatter due to poor design. But the excuse
> doesn't fly well because there are plenty of mail server programs that
> can do TRT.
A day or two ago, I was speaking to a, er, "governmental agency"
(which I'll leave nameless) that was more than a bit "stuck".
Security policies imposed on them from the, er, "another governmental
agency" was such that it was impossible from a security perspective to
have the front end (required to be _outside_ of the DMZ) "know" what
the valid recipients were (either by file or realtime query), and that
was true even for the next mail server in the chain (DMZ).
They were already aware of the problems with blowback (which is indirectly
how they came to be speaking to me), were taking measures to try to reduce
it, and volunteered that they felt that the policy was being inappropriately
applied, but ... stuck they were.
Author: phil-news-nospam
Date: Feb 14, 2007 08:07
On Wed, 14 Feb 2007 14:14:32 GMT Seth Breidbart panix.com> wrote:
| In article <45d1dd9b$0$3160$ae4e5890@news.nationwide.net>,
| Larry M. Smith FahQ2.com> wrote:
|
|>I still hold to my belief that; while backscatter is a real problem, it
|>is not a spam problem. I define spam as UBE, and from my point of view
|>backscatter fails the "bulk" test. It is (at worst) a single response
|>to a single input; a one-to-one relationship... Not bulk.
|
| How about >100 "responses" per minute from _no_ input for several
| hours (like charter.net did to me a couple of weeks ago). I think
| that's rather bulky.
|
|>Additionally, from my observations, most that would want to define
|>backscatter as spam have selectively narrowed the definition of
|>backscatter to NDNs and C/R challenges generated by spammers and viruses
|>forging sender's envelopes. This simply doesn't cover all cases of
|>backscatter.
|
| I define "backscatter" as NDNs and C/R challenges sent to me when I ...
Author: Chris Lewis
Date: Feb 14, 2007 08:07
According to Laurence F. Sheldon, Jr. cox.net>:
> "Commercial" and "Bulk" are not important to me. What is important to
> me is the degree to which I can use email for _my_ purposes.
So, Scott Richter should be called a "high volume timewaster and
desired content burier deployer"?
Doesn't have the same ring. ;-)
--
Chris Lewis,
Age and Treachery will Triumph over Youth and Skill
It's not just anyone who gets a Starship Cruiser class named after them.
Author: DevilsPGD
Date: Feb 14, 2007 06:15
>Add Homonym wrote:
>(snip)
>>
>> Listing for backscatter DOES slow down spam, because backscatter *IS* spam.
>>
>
>I still hold to my belief that; while backscatter is a real problem, it
>is not a spam problem. I define spam as UBE, and from my point of view
>backscatter fails the "bulk" test. It is (at worst) a single response
>to a single input; a one-to-one relationship... Not bulk.
I would argue this by looking at it from the point of the recipient.
From my point of view, I get a ton of substantially identical,
unrequested, undesired, and all around unwanted messages from servers
all over the planet.
Content isn't relevant. The only thing that matters is that I didn't
request it, it's not personal correspondence, and *I* didn't initiate
the transaction.