Our reputation on spamming?
Folks:
I had to open a ticket because Spamhaus had listed my ipv6 address as one that put out spam.
Our tech support, along with Spamhaus explained that Spamhaus will block and entire /64 (or is it /128) IP range if anyone on that range sends out spam.
Our tech support did offer to give me another ipv6 /64 subnet which should resolve the immediate issue with my ipv6 being flagged by Spamhaus.
However, this got me thinking. The spamhaus response did let loose (I don't think intentionally) that the spam issues were recent and from more than one machine on our network (my system is in the Dallas data center). What I am curious of is what is Linode's policy regarding spam? If someone on the outside complains that one of our servers is sending out spam/phising/whatever email, what action does Linode do? Is Spamhaus's blocking of /64 ipv6 subnets unique to Linode or do most of the other sites, such as DigitalOcean, face the same issue?
Thank you
Mark Allyn
Bellingham, Washington
www.allyn.com
2 Replies
It is not surprising that Spamhaus mentioned that there had been spam recently originating from your Linode's /64. Since every Linode in a data center is assigned a /128 IPv6 address that is part of the same /64, a compromised Linode or two of the many thousands in a data center can be the reason behind that claim. Linode and Spamhaus are aware of each others' policies, which is why their support page mentions to reach out to our Support department who will readily offer you an entire /64 to be used solely for your Linode.
The first line in section 2 of our Acceptable Use Policy notes that we do not condone spam on our platform. You can see how we generally define spam in that link, but in more specific terms we ask that our customers mailing campaigns be CAN-SPAM compliant.
In the event that a Linode is reported for spam, we open a ticket on the Linode with a copy of the report. From there we work with our customers to confirm whether or not the report is legitimate, whether the mail was sent intentionally, and where to go from there. I would say that the majority of spam originating from Linode IP space (which has gone down dramatically since our New Policy to Fight Spam) ends up being the result of a compromised instance, and all said and done we end up helping a customer who may have been otherwise exposed to a data breach or worse.
Spamhaus considers a /64 to be the smallest IPv6 range that they will consider regarding reputation. They are not unique in that aspect, but they are the only ones I've come across regarding trouble over reputation scores for our customers. I can't answer your question about DO or other providers, as I'm simply unfamiliar with their service.
Hope this helps. :)