Re: TCPIP SMTP: suggestion
- From: helbig@xxxxxxxxxxxxxxxxxxxxxxxx (Phillip Helbig---remove CLOTHES to reply)
- Date: Mon, 16 Apr 2007 20:57:24 +0000 (UTC)
In article <2kyUh.57854$oV.3049@attbi_s21>, "John E. Malmberg"
<wb8tyw@xxxxxxxxxxx> writes:
Read the spamhaus description of the pbl zone component. The pbl zone
only contains DHCP ranges where the ISP has told spamhaus.org to block
it. It can also contain non-DHCP ranges that spamhaus.org has
determined to be extremely unlikely to ever send legitimate e-mail and
apparently the network owner does not respond to any outside contact for
either spam/abuse complaints or other requests.
The last point is the crucial one for me. Suppose a user sends a
legitimate email, then someone else in the block of IP addresses
assigned to that provider sends spam (perhaps even from the same dynamic
IP address after it has been assigned to someone else) and that the
provider doesn't respond to complaints (which, of course, he should);
SpamHouse would then put that whole block of IPs on the list, thus
punishing the legitimate user. Yes, in the long run it might be better
if the legitimate user moves to another provider, but probably such a
person sending email directly is not very tech-savvy and wouldn't
understand the reason to move and/or send email through a trusted
server.
I do realise that much spam comes from such IP addresses. The question
is whether to throw the (just one) baby out with the whole ocean of
(very dirty) bathwater.
With just sbl and xbl (and not pbl), spam dropped from about 150 to 100
per day. (The total number of spams is several hundred per day, but
most of those are to non-existent users and setting
symbiont-checks-deliverability to false stops most of those (i.e. those
which are syntactically valid usernames; I think this has been fixed in
a newer version of TCPIP).
And again, essentially as far as I can tell, if you are still
deliberately accepting e-mail from known DHCP zones, then you are one of
a decreasing group.
That's certainly true.
If one of the widely used commercial DHCP blocking list was as up to
date as the free ones, those few people still attempting to run mail
servers on DHCP lists would probably find only a handful of mail servers
accepting their e-mail.
True.
If the spamhaus pbl zone is up to date on DHCP zones that their ISPs
which I know of that prohibit servers on DHCP addresses, then as the zen
or pbl zone gets adopted more, those few people attempting to run a mail
server on a DHCP address will find almost no one accepting their e-mail.
Either because of the adoption of the zen/pbl zone, or that this serious
competition will force the commercial service to get its act together.
Yes.
The sbl.spamhaus.org and the dul.dnsbl.sorbs.net are probably stable
enough for a daily or so update to a local copy via rsync or other
suitable protocol. list.dsbl.org also takes 24 hours to process a
removal, so getting a copy once a day can also reduce network queries.
I just put them in the SMTP.CONFIG, so presumably they are queried.
I would recommend that you look carefully at what each blocking list
does, and also keep statistics about how much each of them rejects.
That's why I started out with just one, to see its effect. Alas, I
don't think HP TCPIP 5.4 will log WHICH RBL an address matched.
.
- Follow-Ups:
- Re: TCPIP SMTP: suggestion
- From: JF Mezei
- Re: TCPIP SMTP: suggestion
- References:
- TCPIP SMTP: suggestion
- From: Phillip Helbig---remove CLOTHES to reply
- Re: TCPIP SMTP: suggestion
- From: John E. Malmberg
- TCPIP SMTP: suggestion
- Prev by Date: Re: Error Checking in DCL using $severity
- Next by Date: Re: Democrats destroying America ...
- Previous by thread: Re: TCPIP SMTP: suggestion
- Next by thread: Re: TCPIP SMTP: suggestion
- Index(es):
Relevant Pages
|
