[kde-community] Reputation of Digital Ocean (was: Re: DigitalOcean is now a sponsor!)
Martin Steigerwald
martin at lichtvoll.de
Sun Jul 10 10:47:41 BST 2016
Hello.
I may offend someone by writing this, but I think this is important to know
for the project. Also please now that I am heavily fed up by receiving these
spams from Digital Ocean networks, but I still tried to be considerate in this
mail. If I failed, please forgive me. In the end I am just the messenger, so
please don´t shoot me.
Am Mittwoch, 6. Juli 2016, 10:47:58 CEST schrieb Helio Chissini de Castro:
> I'm happy because the good reputation of Digital Ocean.
I have mixed feelings about this.
On one side I am happy you got a new sponsor, but on the other side up to now
I only knew Digital Ocean networks as source for repeated spam mails from new
TLDs like .xyz, .site, .faith and so on. I sent about five abuse reports to
them already, but only got automated replies. And yes, there was some pause in
spams, but now I received one again, again from a network from Digital Ocean.¹
So they seem to have trouble making sure that their customers are serious in
that they do not use VMs for spamming or capable of securing their server VMs
to make sure no one else abuses them for this.
I am now close to the point of completely blocking *complete* networks / AS's
from Digital Ocean. But then I might block serious users, such as the admins
of the KDE project. Still, as these spams currently escape my Spamassassin and
policyd-weight network, I may still do it, no matter whether there are serious
users as I am not willing at all to tolerate these spam mails and I am not
willing to continue to add domain after domain and IP address after IP address
whenever a new VM from Digital Ocean throws spam at my server. I would block
with a REJECT like suggested by Ronny on postfixbuch-users mailing list²,
which specially mentions to contact abuse at digitalocean.com about this, as
otherwise there will be ne pressure for Digital Ocean to improve the
situation.
So that much about good reputation from my side. I really hope Digital Ocean
people get their act together and reliably prevent that VMs from their network
send spam.
Until they do, I suggest not to put any of the KDE project´s mail
infrastructure onto their servers to avoid the risk of being blocked by users
like me. If you still do, please tell me the IPs, so I can make sure I do not
block them.
[1] this is my current configuration in Postfix and no, this is *no* joke, as
far as I looked, these all oriented from Digital Ocean networks – I didn´t
even bother to include all the IPs:
/klicken.*\.xyz/ DISCARD S2016-06: Spam discarded.
/klicken.*\.accountant/ DISCARD S2016-06: Spam discarded.
/mailing.*\.xyz/ DISCARD S2016-06: Spam discarded.
/mailing.*\.site/ DISCARD S2016-06: Spam discarded.
/server.*\.xyz/ DISCARD S2016-06: Spam discarded.
/weiter.*\.top/ DISCARD S2016-06: Spam discarded.
/aufmachen.*\.party/ DISCARD S2016-06: Spam discarded.
/95\.85\.8\.87/ DISCARD S2016-06: Spam discarded.
/178\.62\.235\.237/ DISCARD S2016-06: Spam discarded.
/46\.101\.111\.79/ DISCARD S2016-06: Spam discarded.
/versand.*\.faith/ DISCARD S2016-07: Spam discarded.
[2] AW: Spam-Mails mit neuen TLDs und von Digital Ocean Cloud-Systemen
blocken
https://listi.jpberlin.de/pipermail/postfixbuch-users/2016-July/064314.html
As you can see there I am not the only one affected.
Thank you,
--
Martin
More information about the kde-community
mailing list