UPDATE Pipex Email Servers Blacklisted After UK ISP Ignored Warnings
Internet security experts at Trend Micro have warned UK ISPs to pay more attention to their abuse departments after it was forced to block Pipex’s (TalkTalk) spam spewing email servers for almost a week because the provider “choose not to man their abuse desk” and did not respond to the warnings.
As a result of the blacklisting Pipex’s subscribers would have suffered significant problems when attempting to send emails, which was an especially big problem for their business users. Trend Micro’s Rik Ferguson told The Register: “The IP addresses of the Pipex MTA have been sending spam and also malicious emails, probably because they have client PCs on their network that are infected and originating spam.”
Advertisement
Apparently all TalkTalk needed to do to get the ban lifted was reply to Trend Micro’s message, which was sent to their abuse desk at abuse@talktalkplc.com (perhaps it got stuck in their spam filter 🙂 .. no seriously).
Trend Micro’s Rik Ferguson said:
“Once a Realtime Blackhole List (RBL) listing is made, we require the ISP to take effective action to stop the spam. We monitor this action, and if the investigator sees the spam stop, they will remove the listing.
Because there are multiple people involved with checking an RBL listing, it is exceedingly rare that a mistake is made. In each case of an RBL listing, we have spam-on-hand, and can produce that on request for the ISP. The size of the ISP behind any given IP address is not a factor in our decision to list on the RBL; the fact that we have spam from that address, and that there has been no action to reduce the spam, is.
Because the ISP receives at least two notices from us, we feel that they have adequate time to deal with the problem.”
Thankfully the problem has now disappeared, although TalkTalk have so far failed to provide a clear explanation for the situation. In the meantime Ferguson has said that some ISPs do not man their abuse desk, automatically redirect messages to end users or impose spam filters on the abuse desk contact. Ugh.
UPDATE 25th May 2012
TalkTalk have responded.
Advertisement
A TalkTalk spokesperson told ISPreview.co.uk:
“Some Pipex customers may have had difficulty sending emails to NHS and other government agencies after a number of customers’ computers were infected with malicious software and started sending out spam. We have taken measures to tackle the problem and reduced spam messages by 70 per cent since the start of May.”
Mark is a professional technology writer, IT consultant and computer engineer from Dorset (England), he also founded ISPreview in 1999 and enjoys analysing the latest telecoms and broadband developments. Find me on X (Twitter), Mastodon, Facebook, BlueSky, Threads.net and Linkedin.
« Cable and Wireless Cut Duddon Valley Broadband Link After Funds Run Dry
Comments are closed