nanog mailing list archives

Re: e-mail blacklists (was Re: SPEWS?)

From: <jlewis () lewis org>
Date: Thu, 20 Jun 2002 22:54:00 -0400 (EDT)


On Thu, 20 Jun 2002 measl () mfn org wrote:

On Thu, 20 Jun 2002, J.D. Falk wrote:

     But spamcop's in specific is still based on spamcop user
    complaints, and most of the spamcop user complaints I've seen
    have been grossly mistargetted.


How?  I find spamcop to be very reliable, and the basis of many actions.


Spamcop is a perfect example of garbage in / garbage out.  I've had a
number of servers in spamcop's blacklist for the following reasons:

1) Local user misinterprets headers and reports one of our own MX's
thinking it generated a spam he/she received.  We get blacklisted.

2) Remote user gets the same message a few times from one of our users
(some tax related documents) and for reasons unknown to us, reports it as
spam, and we're blacklisted.

3) Local user runs a mailing list on one of our servers and leaves posting
open (yeah...that was a bad idea, but lots of lists still do it).  List
gets spammed.  A list member reports our server, causing it to be
blacklisted.  This one is actually listed right now, and we've gotten a
few "why can't I send email to ...?"  questions from other customers on
the same server.

The idea of a spam blacklist with an army of contributors is appealing.
In theory, it could blacklist large numbers of spam sources, perhaps
before they get a chance to hit your servers...but the reality is an army
of idiots turning a good idea into an unusable mess.

Some sort of hybrid of spamcop with dsbl, where those who screw up have
their contributing rights revoked would be far more interesting.  There
also needs to be some method for intervening when someone screws up rather
than having to just wait out expiration of a listing that should never
have happened.

-- 
----------------------------------------------------------------------
 Jon Lewis *jlewis () lewis org*|  I route
 System Administrator        |  therefore you are
 Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

Current thread:

Re: SPEWS?, (continued)
- - - Re: SPEWS? william (Jun 20)
    - Re: SPEWS? Dave Israel (Jun 20)
    - Null Routing Spews (Re: SPEWS?) Drew Linsalata (Jun 21)
    - Re: SPEWS? Steven J. Sobol (Jun 20)
    - RE: SPEWS? Geo. (Jun 20)
    - RE: SPEWS? Stephen J. Wilcox (Jun 20)
    - Re: SPEWS? John Payne (Jun 20)
    - Re: SPEWS? Geo. (Jun 20)
    - e-mail blacklists (was Re: SPEWS?) J.D. Falk (Jun 20)
    - Re: e-mail blacklists (was Re: SPEWS?) measl (Jun 20)
    - Re: e-mail blacklists (was Re: SPEWS?) jlewis (Jun 20)
    - Re: e-mail blacklists (was Re: SPEWS?) Martin Hannigan (Jun 20)
    - Re: SPEWS? John Payne (Jun 20)
    - Re: SPEWS? Simon Lyall (Jun 20)
    - Re: SPEWS? Greg A. Woods (Jun 21)
    - Re: SPEWS? JC Dill (Jun 21)
    - Re: SPEWS? up (Jun 20)
    - Re: SPEWS? Steven J. Sobol (Jun 20)
    - Re[2]: SPEWS? Richard Welty (Jun 20)
    - Supporting White Hats (Was SPEWS) measl (Jun 20)
    - Re: Supporting White Hats (Was SPEWS) JC Dill (Jun 21)

(Thread continues...)