Demon Internet joins the webmail hall of shame
Selected headers of a just-received advance fee fraud spam:
Received: from lon1-mail-2.visp.demon.net ([22.214.171.124]) by <redacted> ... Received: from lon1-mailstore-2.visp.demon.net (lon1-mailstore-2-port0.visp.demon.net [192.168.217.133]) by lon1-mail-2.visp.demon.net (MOS 3.5.8-GR) with ESMTP id CTM15721; Sat, 17 Sep 2005 04:55:21 +0100 (BST) Received: from 126.96.36.199 by lon1-mailstore-2.visp.demon.net (MOS 3.5.8-GR) with HTTP/1.1; Sat, 17 Sep 2005 04:55:21 +0100 From: Queensley Rhoda <firstname.lastname@example.org> Subject: CONGRATULATION,YOU ARE A WINNER!! X-Mailer: Mirapoint Webmail Direct 3.5.8-GR
188.8.131.52 has been listed as part of SBL16836 since June 1st, 2004 as an advance fee fraud spam source. It's also in a number of other DNS blocklists. In September of 2005, more than a year later, Demon is still perfectly willing to accept outgoing webmail from it and as a result be part of spamming us.
I am especially angered and saddened at Demon Internet joining the webmail hall of shame because there once was a time when Demon was a shining example of high quality, geek friendly, clued in ISP. If there is any ISP that should know better, I would have thought it was Demon Internet.
Time to teach our mail scanner how to determine IP origin information for yet another webmail source that is making us do their work for them. (I am not ready to refuse all email from Demon, which is my default reaction to webmail providers who make me do their work for them these days. It's tempting, though.)