[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-users] Spam blocking
- Subject: Re: [cobalt-users] Spam blocking
- From: Larry Smith <lesmith@xxxxxxxxx>
- Date: Wed Jan 21 18:04:01 2004
- Organization: ECSIS
- List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>
On Wednesday 21 January 2004 19:38, Michele Neylon :: Blacknight Solutions
wrote:
> Reading over the last few days threads regarding spam blocking I've noticed
> references to a large number of RBLs and a number of implementations of
> same. It's nice to see that people want to block spam, but you need to be
> VERY careful how you do this.
>
> You may reduce your spam by 75% if you add in three or four RBLs at the MTA
> level, but you are also going to block a lot of legitamate email in the
> process if you are blindly grabbing tips of mailing lists.
>
> I do not mean to be facetious about this, but if you are handling email for
> a large number of users (ie not just you and your personal friends) you
> could be placing yourself in a very precarious position.
>
> Each RBL follows its own set of criteria. Some are very extreme (dynamic IP
> blocks for example), while others may be blocking entire subnets based on
> the netblock owner (or its predecessor).
>
> If you are handling mail for third parties, as would be the case of hosting
> companies etc., you may must not forget that you are as likely to be held
> liable for the mail not delivered as the mail that is.
>
> So do not blindly add RBLs to your servers unless you know what you are
> doing.
>
Mr. Neylon is absolutely correct in the context that one needs to think
carefully before simply adding rbl's or any other "blocking" technique to
their servers. Even simple things like access lists - can bite one severely.
One of the better listings of available RBL (real-time block lists) is here:
http://www.declude.com/junkmail/support/ip4r.htm
please "read" the descriptions before using one. Try to only use those that
have some form of verification (eg: njabl has a web page you can go to; enter
the IP and find out "why" it has been included in the list - and can also
request removal / re-testing) Other lists, like blackholes.us - list entire
section(s) of the internet simply because they are located in Canada, because
they use Sprint or a variety of other reasons - few to none of which have
anything at all to do with "spam". Doesn't mean they are "bad" lists - it
just means use the right list for the right job - just like using the right
tool for the right job...
--
Larry Smith
SysAd ECSIS.NET
sysad@xxxxxxxxx