Sponsored by..

Tuesday 18 June 2013

Are OVH finally taking action against spammers?

An interesting announcement from OVH might finally get the spammers on their network under control, especially the ones from India who tend to spam with impunity.

We are carrying out setup tests on the duplication of outgoing email flow.The idea is to duplicate all the traffic created by customers, going out through port 25 (smtp) on an anti-spam network, and then to analyse the sample of emails leaving our network in real time by IP, in order to control
whether the IP sends spam or not. If we detect an IP that does send spam, the aim is to be able to block the flow of (only) port 25, in less than 5 seconds after spam is first detected. All this without affecting the service performance for the customers that do not spam.

In actual fact, we have far too many spam issues and it isn't enough to shutdown the servers a few hours after having detected the spam. It's too late. It must be done in real time and must be able to block the flow in a matter of seconds. So we are thinking of how to successfully cleanse our network of spammers (who can order servers like everyone else, in just a few minutes)
The announcement has an additional note to say that it is in place already:

Comment by OVH - Monday, 17 June 2013, 16:26PM

The duplication of outgoing smtp flow has been set up.

We have 2.5Gbps to analyse in real time.
Spam isn't the only problem that OVH have as they have a significant malware problem too. But perhaps if they can drive the spammers off the network, then some of the black hat resellers that have might move elsewhere too..


Unknown said...

Nothing Really changed... still massive spam attacks with HTTP / DNS Request...

Lord of the Ping said...

They already had a massive spam-detection network in place - the unwilling receivers of their customer's spam. However, what's actually missing is an abuse department that reacts to abuse reports and evicts spamming customers. As long as they are not shutting off their spammers, nothing will change, and apparently they are not willing to shut off spammers.