[Techtalk] opinions on RBLs, please
jas at spamcop.net
Tue Feb 18 18:44:32 EST 2003
Kelly Martin wrote:
> Carla Schroder wrote:
>> In my never-ending quest for good spam-fighting tools, I've been
>> pondering using RBLs. However I'm concerned about blocking legitimate
>> emails, they seem rather cavalier about the possibility. "If your ISP
>> is a spammer, get a different ISP." Anyone have experience with them?
>> There won't be any relaying issues for my clients, no downstream
>> servers, just how will their own mail delivery be affected.
> One of our servers got put on an blacklist because our webmaster
> installed a buggy version of formmail.pl. We caught it and fixed it
> within 48 hours, but we're still on that blacklist two years later. The
> maintainer refuses to even so much as talk to us, let alone remove us.
> We have to run a second mail server on a second address just so we can
> send mail to account at Earthlink because they refuse to unblock this one.
> I have yet to see a blacklist that was maintained responsibly.
I've certainly seen a few which seem to be run by the certifiably insane
(there was a thread here recently about the blacklist behind
http://banned-for-spamming.us/ - which permanently blacklists any ISP
from which they have ever received anything resembling spam, however
major the ISP, however long ago the spam was sent, and flames anyone
disagreeing). Having said that, I've found Spamcop's approach - and
their own blacklist, bl.spamcop.net - to be good:
1. Any ISP generating a significant number of spam complaints
(significant relative to the number of legitimate emails, to avoid
"throwing the baby out with the bath-water" effects) is blacklisted
temporarily. Recent complaints count more heavily than older ones, and
only complaints within 3 days are counted.
2. Customers have personal whitelists, so no legitimate sender will be
blocked more than once.
3. For their own customers, the blacklist does *not* cause mail to be
rejected. Instead, it's diverted into a 'Held mail' folder. Genuine spam
can then be forwarded to the relevant ISP(s) as a complaint, and
legitimate email can be 'released' into the Inbox, optionally adding the
sender to your personal whitelist so future mail from that person will
be recognised as legit.
I've been using it for just over a year now, with no complaints. I don't
know how easy it is to replicate this setup in your own mailserver,
although most of it should be straightforward (the spam reporting engine
is GPLed, and most of the other functionality seems built in to the
servers I've seen) - anyone tried it?
More information about the Techtalk