Catching SoapClient Errors

Posted by Nessa | Tags: , | Posted on February 1, 2011

0

I recently wrote a PHP script that uses SoapClient to connect to a SOAP server to verify username/password credentials for a monitoring system.  The script basically returns the result as a yes or no – however, as we all know with SOAP, when you hit an error you get a mess of crap that comes back like this:

Uncaught SoapFault exception: [ERROR_BAD_LOGIN] Bad login or password. in /path/to/stuff.php:20

Stack trace:
#0 [internal function]: SoapClient->__call('GetAccountByNam...', Array)
#1 /path/to/stuff(20): Utils_SoapClient->GetAccountByName(Object(SoapVar))
#2 {main}

All I need is an error code, and when the SOAP function fails (which is expected if the login credentials are invalid), the script halts and I don’t get anything.  Luckily, PHP has pretty good exception handling that can tell SOAP to treat output like a test.   For example, the following line of code in the above example passes a username string ($struct) to a SOAP object, and is the line of code that is failing:

$result=$accountService->GetAccountByName(new SoapVar($struct, SOAP_ENC_OBJECT));
$result_username = $result->UserAccount->AccountId;

In my case, if the login credentials being tested are incorrect, the value of the $result variable should be empty.  To suppress the ugly SOAP error and only return what I want, I use exceptions:

>try {
$result=$accountService->GetAccountByName(new SoapVar($struct, SOAP_ENC_OBJECT));
}
catch(SoapFault $result){
}
catch(Exception $result){
}

Therefore, I can now use the value of $result as intended:

if(!empty($result_username)){
 
echo "Login OK";
exit(0);
}else{
</code>
<code>echo "Login failed";
exit(1);
}

One of Those “Ksplice Saved Our Asses” Moments

Posted by Nessa | Tags: , | Posted on January 15, 2011

4

There comes a time in every sysadmin’s life when you realize that as long as you have your job, you’re never going to

  1. have a life
  2. have friends
  3. sleep
  4. have a break from all the madness

When you fix server A, server B breaks. When you patch exploit 1, exploit 2 strikes threefold.  And to top it off, our customers are still using passwords like 123456.  Luckily, there’s someone out there that appears to be seeing things at my level.

We started using Ksplice back in September 2010 when one infamous kernel exploit started it all. We used to only have to do kernel updates a few times a year.  Now the RHEL guys decided to start compiling their kernels from sad pandas and french fries, backporting and reintroducing a string of security holes that hackers have been sitting until the opportune moment. When you’re working for one of the best hosts in the industry and basically guaranteeing 99.9% uptime, you try rebooting a dump truck full of servers five or six times a month just to avoid some asshat defacing all the index pages on your server with pictures of babies and swastikas.

I mean, unless you’re into that kind of thing.

During these unsexy times there’s one thing I’ve been continually grateful for – and that’s the fact that the developers of Ksplice apparently have no lives, girlfriends, or any other dreams in life other than to make all our jobs easier.  Here at IMH, we were all slightly depressed when we found out that we couldn’t have reboot parties anymore.  The Ksplice guys usually have new vendor-released kernel patches available within a day  and we can easily and instantly run kernel updates on our entire fleet of servers without having to reboot a single one.  With that, we don’t have to wait until the middle of the night over the span of several days to fix critical security problems, and customers don’t have to complain about downtime.  This lets us focus on what’s important: drinking, karaoke, and nude ice fishing keeping people happy.  If that’s not worth the $2.95 a month, I don’t know what is.

Simple Way to Parse an x509 Certificate with PHP

Posted by Nessa | Tags: , | Posted on November 3, 2010

5

PHP has a nifty little function for parsing an x.509 SSL certificate into an array to easily pull out the elements: openssl_x509_parse .Essentially, all you need to do is load up the contents of the certificate, either through a file or POST value, and enclose it in the array. Here’s a simple script:

<?php
$sslcert = file_get_contents("/etc/ssl/certs/secure.v-nessa.net");
$sslcert = array(openssl_x509_parse($sslcert,TRUE));
//print_r($sslcert);
foreach ($sslcert as $name => $arrays){
foreach ($arrays as $title => $value){
if(is_array($value)){
echo $value . "\n";
foreach($value as $subtitle => $subvalue){
echo $subtitle . " : " . $subvalue . "\n";
}
}else{
echo $title .  "\n";
}
}
}
?>

The results are several multidimensional arrays, so depending on the data you need, you may need to keep adding foreach loops to get that data.

Dear , It’s not your IP – Your Site Is Just…Unpopular

Posted by Nessa | Tags: | Posted on September 9, 2010

2

At least twice a month I get an all so familiar request from hopeful customers looking to boost their Internet presence:

“Yea, I’m going to need about a bazillion IPs for all my sites. Oh, and they all need to be on different subnets. Ya know, SEO shit. I’m going to make it to the top”

…And at least twice a month I again have to explain why a dedicated IP address isn’t going to bump search engine rankings.

It’s a well-known fact that IPv4 space is running low. Being that there are over 180 million websites on the Internet (growing by the thousands every day), it eventually won’t be possible for every website to have its own IP. Additionally, ARIN now no longer accepts IP-based virtual hosting as justification for IP usage. In other words, unless you’re running a private anonymous FTP server, are using third party DNS services, or have an SSL certificate, you’re really not entitled to have your own IP. Though your hosting provider may still give you that option, they don’t have to if name-based Virtual Hosting (read: sharing IPs) is possible.

That being said, it doesn’t sound quite right that a search engine would punish your rankings for not doing something that isn’t feasible. Even if you don’t believe me, I’m sure you can believe one of Google’s software engineers who negated the fact that a dedicated IP will affect your pagerank.

If you’re seeing SEO success from one of your competitors, you can probably bet that it has little to do with their IP situation and more to do with them actually knowing what they are doing.  Plenty of sites have hit #1 in Google using old-school SEO techniques and marketing.  Your hosting provider is probably not going to give you half their IP allocation, so now that your entire belief system based around fake SEO techniques has been shot down, just don’t ask.

Wireless BroadBand vs. Home Broadband?

Posted by Jason | Tags: | Posted on September 7, 2010

0

funny texts to attract my ex and
what to text your ex or
how to get your ex girlfriend back Text Your Ex Back free

how to get ur ex back
dr phil how can i get my ex girlfriend back, sweet things to text your ex boyfriend, etc.

According to www.broadbandexpert.com.au, there has been a 45% rise in sales of wireless broadband plans in Australia during 2009, after a huge rise in popula

Free Advice On How To Make Her Want You Back, Text Your Man Back.

how to get your girlfriend back

Text Your Ex Back

What Is The Best Way To Support My Man

How To Get Back At Your Ex

how to make an ex want you back

Get Your Ex Girlfriend Back

How To Get Back With Your Ex Girlfriend

how to win back your ex

how to win your ex boyfriend back

Studying With Ex Boyfriend

how to win your ex boyfriend back

how to get my ex girlfriend back

Love Languages Man

i want to text my ex boyfriend

How To Make Your Ex Want You Back

how to get my ex girlfriend back

how to get your ex girlfriend back

how to get your boyfriend to want to be with you

rity of mobile broadband sales in European countries during 2008 and early 2009.  While wireless broadband is clearly not yet a full replacement for home broadband service, it isn’t suitable by everyone – it should ideally reflect your Internet use.


If you download a lot of crap, like movies, porn, games, etc, then a fast broadband plan with a high bandwidth limit is probably going to be the best for you. Most broadband providers will let you pick your plan based on your usage and give you excellent broadband deals.  If you’re just browsing the web and sending email, you probably just look for wireless Internet providers. Wireless Internet can be used anywhere that you can get mobile reception, although speeds will vary depending on your connection type and where you live.   Not sure how fast your Internet is? Try a wireless speed test. Although wireless Internet is flexible because it’s more portable, it’s also a bit slower and your provider will probably limit your bandwidth consumption.  Therefore, many people are now opting for wireless Internet for mobile use in addition to a home broadband.

men who want to have a babyvideos of people having a baby pregnant, How do you get pregnant why cant i get pregnantthings to do before having a baby

Review of ReclaiMe Data Recovery Software

Posted by Nessa | Tags: | Posted on August 5, 2010

2

We all know how much it sucks to have a hard drive fail – months or even years worth of data down the drain. And I bet you don’t do regular backups, do you?

I came across ReclaiME from a review site. It’s software (that unfortunately only works on Windows) that you can install on your computer to reliably recover data from hard drives or memory cards.  More specifically, it lets you:

  • Recover images from a memory card
  • Recover data from flash/USB drives
  • Recover data from laptop, external, and SCSI/IDE drives
  • Unformat non-system drives and partitions

I actually ReclaiME on one of my sister’s old camera memory cards, and it definitely doesn’t fall short of its claims.   It recovered over 40 images from the almost-empty card, most of which were intact, though a few were corrupted from the camera overwriting them.

While the software is excellent and works just like it promises, the only downside is that the price is a bit steep for the average user.  I’d imagine that software like this would be more tangible for service providers, businesses, or people that consider their data valuable enough to justify spending a pretty penny on data recovery software.  The price isn’t outrageous or anything, it’s just more than I’d pay for Windows-based recovery software (I prefer to use Linux), when there are other free/open-source alternatives out there:

http://lifehacker.com/5237503/five-best-free-data-recovery-tools

Using PHP to Extract Image Exif Data

Posted by Nessa | Tags: , | Posted on August 2, 2010

27

Those of us fluent in digital photography have come across the term “Exif data” numerous times when it comes to software we use to digitally manipulate photographs. Exif (Exchangeable image file format) data is generally used to identify the properties of the camera that snapped a picture, and usually the software that altered it afterwards. It can tell you when a picture was taken, what kind of camera took it, as well as the camera’s model, shutter speed, focal length, and even provide a thumbnail of the image on the camera’s LCD screen.

Why would you need to extract this information?  If you’re ever uploaded images to stock photography sites and wonder how they know so much about your pictures, it’s because they extract the Exif data from your pictures to provide more information on how they were taken. This quick tutorial will demonstrate how to extract Exif data from an image using PHP.

Enabling the Exif Extension

The Exif functions for PHP may not be native to your installation, so you can check by viewing your phpinfo file or running “php -m” via command line to see a list of modules compiled in. If you don’t see Exif listed, there are three ways you can enable it depending on how you installed PHP:

  • If you compiled PHP manually, you can re-compile while adding –enable-exif to the configure line
  • If PHP is installed via package (rpm/deb), it should already have Exif enabled. If not, you can install an RPM for the extension manually
  • If you use cPanel, run EasyApache and select the Exif extension from the PHP module list, and recompile

Determining the Image Type

The exif_imagetype function identifies the format of an image, but returns the result as a code.  The PHP function reference provides a full list of these return codes, but 1-8 are the most common out of the 16:

1: GIF
2: JPEG
3: PNG
4: SWF
5: PSD
6: BMP
7/8: TIFF

Here’s a code example that lists all the desired valid image types in an array and detects the type of image from the specified file, returning the result in “human readable” format:

<?php
$image = "/path/to/myimage";

$types = array(
1 => "GIF",
2 => "JPEG",
3 => "PNG",
4 => "SWF",
5 => "PSD",
6 => "BMP",
7 => "TIFF",
8 => "TIFF"
);

$imagetype = exif_imagetype($image);

if (array_key_exists($imagetype, $types)) {
echo "Image type is: " . $types[$imagetype];
} else {
echo "Not a valid image type";
}
?>

Reading Exif Header Data

The exif_read_data function can be used to extract header data from JPEG and TIFF files:

<?php
$image = "/path/to/myimage";
$exif = exif_read_data($image, 0, true);
foreach ($exif as $key => $section) {
foreach ($section as $name => $val) {
echo "$key.$name: $val\n";
}
}
?>

This will return the elements of the array from exif_read_data, which can be very long depending on what information is available for the image. There are seven sections (arrays) of data types:

  • FILE:  Contains the file’s name, size, timestamp, and what other sections were found (as listed below)
  • COMPUTED: Contains the actual attributes of the image
  • ANY_TAG:  Any information that is tagged
  • IFD0:  Mostly contains information about the camera itself, the software used to edit the image, when it was last modified, etc
  • THUMBNAIL: Information about the embedded thumbnail for the image
  • COMMENT: Comment headers for JPEG images
  • EXIF: Contains more information supplementary to what is in IFD0, mostly related to the camera (includes focal length, zoom ratio, etc)

Depending on the information available for the image, you’ll actually see a lot of data in the output. Say, for instance, you want to only output the IFD0 data to see the information of the camera that took the image:

<?php
$image = "image.jpg";
$exif = exif_read_data($image, 0, true);

foreach ($exif as $key => $section) {
foreach ($section as $name => $val) {
if($key == "IFD0"){
echo "$key.$name: $val\n";
}
}
}
?>

This will output:

IFD0.ImageWidth: 2592
IFD0.ImageLength: 3872
IFD0.BitsPerSample: Array
IFD0.Compression: 1
IFD0.PhotometricInterpretation: 2
IFD0.Make: NIKON CORPORATION
IFD0.Model: NIKON D80
IFD0.Orientation: 1
IFD0.UndefinedTag:0x0000:
IFD0.XResolution: 72/10000
IFD0.YResolution: 72/1
IFD0.PlanarConfiguration: 1
IFD0.ResolutionUnit: 2
IFD0.Software: Adobe Photoshop CS4 Windows
IFD0.DateTime: 2010:02:06 22:24:09
IFD0.Exif_IFD_Pointer: 304

Or, you can further narrow down the output by specifying specific values in the $exif multi-dimensional array:

<?php
$image = "image.jpg";
$exif = exif_read_data($image, 0, true);
echo "Software: " . $exif['IFD0']['Software'] . "\n";
?>

This will return:

Software: Adobe Photoshop CS4 Windows

Using Exif to generate a thumbnail

As touched on previously, many cameras and image manipulation software will include an embedded thumbnail for an image. You can extract this thumbnail using the exif_thumbnail function:

<?php
$image = "image.jpg";
$thumbnail = exif_thumbnail($image, $width, $height, $type);
echo "<img  width='$width' height='$height' src='data:image;base64,".base64_encode($thumbnail)."'>";
?>

Keep in mind that the thumbnail generated here is from the Exif data – there are other ways to create a thumbnails using many of the PHP image functions.

Simple PHP Script for RBL Checking

Posted by Nessa | Tags: , | Posted on July 16, 2010

16

It’s useful for ISP’s and email service providers to run occasional RBL checks against their IPs to know when they are being blacklisted by populate CBL services. I’ve written a simple script that utilizes the DNSBL pear library to check against common blacklists, when given a list of IPs in a file.

First, you need to download or install the NET_DNSBL pear module. (Command: pear install NET_DNSBL)

<?php
require_once('Net/DNSBL.php');

$iplist = file("/path/to/iplist");

foreach ($iplist as $ip){

$dnsbl = new Net_DNSBL();

$dnsbl->setBlacklists(array(
'sbl-xbl.spamhaus.org',
'dnsbl.sorbs.net',
'bl.spamcop.net',
'dnsbl-1.uceprotect.net',
'dnsbl-2.uceprotect.net',
'dnsbl-3.uceprotect.net',
'isps.spamblocked.com',
'zen.spamhaus.org'
));

if ($dnsbl->isListed($ip)) {

echo "IP $ip is blacklisted!\n";

}

else {
echo "IP $ip not listed\n";
}
}

?>

Of course, this script can be very easily modified to pull IPs from a database, or assign the $ip variable from a GET or POST request (like from a form or API).  Here’s an exclusive list of some RBL’s you can check against using this script, by adding them to the array shown:

asiaspam.spamblocked.com
bl.deadbeef.com
bl.emailbasura.org
bl.spamcop.net
blackholes.five-ten-sg.com
blacklist.woody.ch
bogons.cymru.com
cbl.abuseat.org    cdl.anti-spam.org.cn
combined.abuse.ch
combined.rbl.msrbl.net
db.wpbl.info
dnsbl-1.uceprotect.net
dnsbl-2.uceprotect.net
dnsbl-3.uceprotect.net
dnsbl.abuse.ch
dnsbl.ahbl.org
dnsbl.cyberlogic.net
dnsbl.inps.de
dnsbl.njabl.org
dnsbl.sorbs.net
drone.abuse.ch
duinv.aupads.org
dul.dnsbl.sorbs.net
dul.ru
dyna.spamrats.com
dynip.rothen.com
eurospam.spamblocked.com
fl.chickenboner.biz
http.dnsbl.sorbs.net
images.rbl.msrbl.net
ips.backscatterer.org
isps.spamblocked.com
ix.dnsbl.manitu.net
korea.services.net
lacnic.spamblocked.com
misc.dnsbl.sorbs.net
noptr.spamrats.com
ohps.dnsbl.net.au
omrs.dnsbl.net.au
orvedb.aupads.org
osps.dnsbl.net.au
osrs.dnsbl.net.au
owfs.dnsbl.net.au
owps.dnsbl.net.au
pbl.spamhaus.org
phishing.rbl.msrbl.net
probes.dnsbl.net.au
proxy.bl.gweep.ca
proxy.block.transip.nl
psbl.surriel.com
rbl.interserver.net
rdts.dnsbl.net.au
relays.bl.gweep.ca
relays.bl.kundenserver.de
relays.nether.net
residential.block.transip.nl
ricn.dnsbl.net.au
rmst.dnsbl.net.au
sbl.spamhaus.org
short.rbl.jp
smtp.dnsbl.sorbs.net
socks.dnsbl.sorbs.net
spam.dnsbl.sorbs.net
spam.rbl.msrbl.net
spam.spamrats.com
spamlist.or.kr
spamrbl.imp.ch
t3direct.dnsbl.net.au
tor.ahbl.org
tor.dnsbl.sectoor.de
torserver.tor.dnsbl.sectoor.de
ubl.lashback.com
ubl.unsubscore.com
virbl.bit.nl
virus.rbl.jp
virus.rbl.msrbl.net
web.dnsbl.sorbs.net
wormrbl.imp.ch
xbl.spamhaus.org
zen.spamhaus.org

Using PHP to Perform DNS Lookups

Posted by Nessa | Tags: ,,, | Posted on June 30, 2010

16

PHP has a couple DNS functions you can use to perform record lookups.

Most of us are familiar with the two basic ones – gethostbyname() and gethostbyaddr(), both of which perform a single function – returning a hostname or IP address. Here’s an example of both:

<?php

$ip = gethostbyname("v-nessa.net");
$host = gethostbyaddr("69.174.114.71");

echo "v-nessa.net has the IP $ip, which reverses to $host";
?>

The above will return:

v-nessa.net has the IP 69.174.114.71, which has a PTR of server.v-nessa.net

Similarly to gethostbyname, there’s gethostbynamel which is useful for hostnames with multiple A records:

$ips = gethostbynamel("test.v-nessa.net");
foreach ($ips as $ip => $value){
echo $value . "\n";
}

Will return:

69.174.114.71
69.174.115.243

A more advanced function is dns_get_record, which can pull any valid record for a hostname or IP.  Think about the dig command you use in Unix to find DNS records:

nessa@nessa-desktop:~$ dig +short v-nessa.net A
69.174.114.71

The dns_get_record function works in a similar way, and can obtain the following DNS record types:

DNS_A, DNS_CNAME, DNS_HINFO, DNS_MX, DNS_NS, DNS_PTR, DNS_SOA, DNS_TXT, DNS_AAAA, DNS_SRV, DNS_NAPTR, DNS_A6, DNS_ALL or DNS_ANY.

The following will give you a similar result:

$recs = dns_get_record("v-nessa.net", DNS_A);
print_r($recs);

Will return:

Array
(
[0] => Array
(
[host] => v-nessa.net
[type] => A
[ip] => 69.174.114.71
[class] => IN
[ttl] => 13728
)
)

If you want to obtain multiple DNS types, you can do so by separating the record types with a plus sign:

$recs = dns_get_record("v-nessa.net", DNS_A + DNS_MX);

Will return:

Array
(
[0] => Array
(
[host] => v-nessa.net
[type] => A
[ip] => 69.174.114.71
[class] => IN
[ttl] => 13736
)

[1] => Array
(
[host] => v-nessa.net
[type] => MX
[pri] => 0
[target] => v-nessa.net
[class] => IN
[ttl] => 14145
)

)

You’ll notice that the output is a double array, so to call individual values you can do either of the following:

// will return the IP for array 0 ( A record)

echo $recs[0]['ip'];

// will return results for common records

foreach ($recs as $type => $value){
echo $value[ip] . "\n";
}

Similar to the example above, you can use the DNS_ALL type to show any records available for the hostname, and use a minus sign to exclude certain record types. For example, the below code will return all DNS results for v-nessa.net, but exclude NS records:

$recs = dns_get_record("v-nessa.net", DNS_ALL - DNS_NS );

foreach ($recs as $type => $value){
echo $value[type] . "\n";
}

The following records were returned:

A
SOA
MX
TXT

Here’s a more practical example – a simple PHP DNS lookup script. Say you have a form on your site that allows a user to type in a hostname and select a type of record: A, MX, NS, and TXT. The passed form values are $host and $type, and the below script will accept the variables and output the results according to the record type:

HTML Form:

<form action="dns.php" method="POST">
Hostname: <input type="text" name="host" />
Type: <select name="type">
<option value="a">A</option>
<option value="mx">MX</option>
<option value="ns">NS</option>
<option value="txt">TXT</option> </select>
</form>

PHP Script (dns.php):

<?php

if(!empty($_POST['host']) && !empty($_POST['type'])){

    // Grab variable from form and define valid types

    $host = $_POST['host'];
    $type = strtoupper($_POST['type');
    $validtypes=array("A","MX","NS","TXT");

    // Check that dns type is defined or allowed

    if(!defined("DNS_" . $type) or !in_array($type,$validtypes)){
       echo "Invalid DNS Type!";
    }else{

       $type = constant("DNS_" . $type);
       $rec = dns_get_record($host, $type);

       // Set result types - can be modified by using available elements from $rec array

       switch($type){
             case DNS_A:
                    $recvals=array("Hostname" => "host","Type" => "type", "IP" => "ip");
                    break;
             case DNS_MX:
                    $recvals=array("Hostname" => "host","Type" => "type", "Target" => "target", "Priority" => "pri");
                    break;
             case DNS_NS:
                    $recvals=array("Hostname" => "host","Type" => "type", "Target" => "target");
                    break;
             case DNS_TXT:
                    $recvals=array("Hostname" => "host","Type" => "type", "Record" => "txt");
                    break;
        }

      // Output results

      foreach ($rec as $arr => $num){
             foreach ($recvals as $title => $value){
                    echo $title . " : " . $num[$value] . "\n";
             }
      }

    }
} else {

     echo "Either hostname or record type is missing";
}

It’s of course easy to modify the above code accordingly, and I’m sure there may be better ways to do this. Feel free to post your own code snippets or comments.

The Fine Line Between Spam and Email Marketing

Posted by Nessa | Tags: , | Posted on June 3, 2010

7

If I had a Viagra pill for every time I confronted a spammer who pulled the “email marketing” excuse…

There’s no debate, no exceptions, and no justification. If you’re sending out massive amounts of unsolicited email, you’re a spammer. Period.  You’re not running a legitimate or respected marketing campaign, you’re not helping anyone with their emotional or erectile dysfunction problems, and in reality, no one cares to read what you have to say.

A lot of hosting providers are cracking down on spammers – and from experience, I can tell you why:  Spammers are an inconvenience to everyone – even themselves. They are an inconvenience to me, the system administrator that has to sift through spam complaints and spend hours every week tracking them down.  They are an inconvenience to our customers, who find their email being blacklisted because of a spammer on their network. And finally, they are an inconvenience to you, the Internet user, that has to deal with getting spam on a daily basis because some people have nothing better to do.

And here’s how you know if you’re one of those some people:

  • You purposely find ways to circumvent your ISP or host’s mailing limits instead of simply asking
  • You’re harvesting or purchasing email addresses off of websites, other mailing lists, or third parties to compose your recipient base
  • You’re sending those people [unsolicited] email advertising yourself, a product, or a website
  • You use spoofing or other tactics to hide your email address or server information
  • You don’t give your victims recipients a way to opt out of your torturous email campaigns
  • You hide behind the CAN SPAM law to justify your behavior
  • You get the slight inkling that people hate you for what you do

So what’s the fine line between spam and email marketing?

It’s all about honesty and consent.  If I contact a fellow blog owner requesting a link exchange, I wouldn’t technically consider that spam. If I send the same email to 40 other people, I’m crossing the line.  A legitimate, non-spammy email campaign would consist of a database of opted-in users, and email content consistent with what those users requested to be in the loop for.  If any of those users decide they don’t want to participate anymore, they are given a quick and easy way to remove themselves from the list.  The fine line between spamming and email marketing is the concept of opting in. Simply put, email marketers use opt-in lists, spammers don’t.

And no, I’m not talking about purchasing opt-in lists that other people have compiled.

Spammers have ruined the concept of email marketing enough to where now even legitimate email marketers are being accused of spamming, and many hosts won’t even work with them.  That’s not all hosts are doing to fight back, either.  Many larger hosting providers are so tired of dealing with spammers on their network that they impose mailing limitations that tend to inconvenience other users. Here are just a few:

  • Limiting the number of emails sent per minute, hour, or day
  • Limiting the number of recipients that can exist in a single email or BCC field
  • Locking outbound SMTP connections so scripts can’t send email from remote servers
  • Blocking email sent from certain system users (like the Apache user), requiring the use of authenticated mail sessions

For everyone else, here are a few tips on dealing with SPAM:

  • Delete it – it takes two seconds
  • Learn what a spam filter is, and use it
  • Stop trying to play Internet police. Feel free to report spam to the ISP or host, but don’t start spouting off with legal threats. It’s not going to change the fact that millions of spam emails are sent every day, and no court is going to waste their time on you
  • Don’t assume that the ISP or host can read minds – do you think they would have intentionally allowed a spammer to sign up for their service?

And for ISP’s and hosts, you have responsibilities as well:

  • Don’t be afraid to impose the aforementioned limitations on your servers. Your goal should be to look out for the best interests of your customers as a whole
  • Require justification from users that want to send large mailing lists, asking them how much email they are sending, who they are sending to, and whether they have an opt-in/out method
  • Set up abuse@ and postmaster@ email addresses, which will usually be where complaints are sent to. This way you’re aware of users that may be abusing your network, even if
  • Sign up for feedback loops, so automated spam reports from various email providers are sent to you to review
  • Deal with spammers ASAP. Not doing so can end up causing your network to get blacklisted, or have complaints escalated to cancellations from your customers – or even legal threats