[kde-community] Reputation of Digital Ocean (was: Re: DigitalOcean is now a sponsor!)

Sun Jul 10 10:47:41 BST 2016

Hello.

I may offend someone by writing this, but I think this is important to know 
for the project. Also please now that I am heavily fed up by receiving these 
spams from Digital Ocean networks, but I still tried to be considerate in this 
mail. If I failed, please forgive me. In the end I am just the messenger, so 
please don´t shoot me.

Am Mittwoch, 6. Juli 2016, 10:47:58 CEST schrieb Helio Chissini de Castro:
> I'm happy because the good reputation of Digital Ocean.

I have mixed feelings about this.

On one side I am happy you got a new sponsor, but on the other side up to now 
I only knew Digital Ocean networks as source for repeated spam mails from new 
TLDs like .xyz, .site, .faith and so on. I sent about five abuse reports to 
them already, but only got automated replies. And yes, there was some pause in 
spams, but now I received one again, again from a network from Digital Ocean.¹

So they seem to have trouble making sure that their customers are serious in 
that they do not use VMs for spamming or capable of securing their server VMs 
to make sure no one else abuses them for this.

I am now close to the point of completely blocking *complete* networks / AS's 
from Digital Ocean. But then I might block serious users, such as the admins 
of the KDE project. Still, as these spams currently escape my Spamassassin and 
policyd-weight network, I may still do it, no matter whether there are serious 
users as I am not willing at all to tolerate these spam mails and I am not 
willing to continue to add domain after domain and IP address after IP address 
whenever a new VM from Digital Ocean throws spam at my server. I would block 
with a REJECT like suggested by Ronny on postfixbuch-users mailing list², 
which specially mentions to contact abuse at digitalocean.com about this, as 
otherwise there will be ne pressure for Digital Ocean to improve the 
situation.

So that much about good reputation from my side. I really hope Digital Ocean 
people get their act together and reliably prevent that VMs from their network 
send spam.

Until they do, I suggest not to put any of the KDE project´s  mail 
infrastructure onto their servers to avoid the risk of being blocked by users 
like me. If you still do, please tell me the IPs, so I can make sure I do not 
block them.

[1] this is my current configuration in Postfix and no, this is *no* joke, as 
far as I looked, these all oriented from Digital Ocean networks – I didn´t 
even bother to include all the IPs:

/klicken.*\.xyz/ DISCARD S2016-06: Spam discarded.
/klicken.*\.accountant/ DISCARD S2016-06: Spam discarded.

/mailing.*\.xyz/ DISCARD S2016-06: Spam discarded.
/mailing.*\.site/ DISCARD S2016-06: Spam discarded.

/server.*\.xyz/ DISCARD S2016-06: Spam discarded.

/weiter.*\.top/ DISCARD S2016-06: Spam discarded.

/aufmachen.*\.party/ DISCARD S2016-06: Spam discarded.

/95\.85\.8\.87/ DISCARD S2016-06: Spam discarded.

/178\.62\.235\.237/ DISCARD S2016-06: Spam discarded.

/46\.101\.111\.79/ DISCARD S2016-06: Spam discarded.

/versand.*\.faith/ DISCARD S2016-07: Spam discarded.

[2]  AW: Spam-Mails mit neuen TLDs und von Digital Ocean Cloud-Systemen 
blocken
https://listi.jpberlin.de/pipermail/postfixbuch-users/2016-July/064314.html

As you can see there I am not the only one affected.

Thank you,
-- 
Martin