nanog mailing list archives

Re: spamhaus drop list

From: "Patrick W. Gilmore" <patrick () ianai net>
Date: Tue, 16 Jun 2009 15:43:01 -0400

On Jun 16, 2009, at 2:00 PM, Quinn Mahoney wrote:

Is there a competing droplist, that can be compared against Spamhaus's
droplist? That seems like an extraordinary claim, so I'm notsatisfied
with the evidence provided.  Is this not the best droplist?

Extraordinary claims require extraordinary proof. Mr. Anderson giveslittle proof at all, and not even close to extraordinary proof, IMHO.

My personal experience is that Spamhaus is highly respectableorganization. They are by no means perfect, but I trust theirjudgement to a high degree, FWIW. The Spamhaus DNSRBLs are, Ibelieve, the most used on the Internet. This suggests the rest of theInternet has a different opinion than Mr. Anderson.

I have not used MAPS, so I cannot comment on its utility. but I havenever heard a single credible claim Mr. Vixie is a spammer, more orless a verifiable one. (Yes, that includes the claim below.) From mypersonal experience, Mr. Vixie is very much the opposite of aspammer. Mr. Vixie gave the Keynote speech at the NANOG conferenceyesterday, so I would submit the community at large disagrees with Mr.Anderson's assessment.

SORBS is probably not as highly regarded as Spamhaus, but as withVixie, not one credible claim has ever been made that Michelle is aspammer, including the below. Again, the opposite is reality, andprobably to the same extent as Vixie. (I.e. Some people think they gotoo far in fighting spam, not in sending it.)

Finally, John Levine is not a spammer either. I'm kinda tired ofgiving proof, so take my word for it, or not, as you please.

Anyway, just some personal opinions from someone who has had personalinteraction with the people involved and used two of the threeproducts mentioned. Not sure this was operational, but I felt theneed to step up and defend people after you forwarded the outrageousclaims below to the list. (No one on the list saw Mr. Anderson'sclaims other than you, because you were personally CC'ed.)


End of day, your network, your choice.  I think you know mine.

--
TTFN,
patrick

-----Original Message-----
From: Dean Anderson [mailto:dean () av8 com]
Sent: Monday, June 15, 2009 6:10 PM
To: Quinn Mahoney
Cc: nanog () nanog org
Subject: Re: spamhaus drop list

I suggest you avoid spamhaus, MAPS, and SORBS. They are reallyspammersin disguise, using blacklists to harm their competition whilepresumably

letting their own spam through. We know they have used trust of the
anti-spam community to list-wash spam-trap addresses.

See http://www.iadl.org/whitehat/whitehat-story.html add the IADLpages

on Paul Vixie and MAPS.

You might also look at
http://www.av8.net/IETF-watch/People/JohnLevine/index.html

Levine, long head of the Anti-spam Research Group, was also unmaskedas

a spammer.

Fred Baker <fred () cisco com> is on the ISC Board of Trustees, and is a
Vixie supportor.


                --Dean

On Mon, 15 Jun 2009, Quinn Mahoney wrote:

I'm looking to implement the Spamhaus drop list.
http://www.spamhaus.org/drop/index.lasso



On their FAQ they have a script that looks like it grabs the lists

text

file and connects to a given router, and tells you what has changedin
the list, and what your router is null routing.  I'm not sure if it

then

removes the null routes if a list entry has been removed.  I haven't
found much documentation on the net regarding this.  In the future it
looks like you will be able to peer with them and null route traffic

from a private AS, which will be routes from the drop list. Rightnow

though, it looks like you'd have to update an ACL manually for any

changes to the list. Or use this script which null routes thetraffic

(I guess it's not a big deal getting the syn packets, as long as the
mail won't send because of the null route).  I am not sure if this
script updates the null routes automatically, or how to use it, I

can't

find to much documentation.



Any documentation on this script or another script available.  What

are

your suggestions?



thanks


--
Av8 Internet   Prepared to pay a premium for better service?
www.av8.net         faster, more reliable, better service
617 344 9000

Current thread:

spamhaus drop list Quinn Mahoney (Jun 15)
- Re: spamhaus drop list Fred Baker (Jun 15)
  - Re: spamhaus drop list Chris Adams (Jun 15)
- Message not available
  - RE: spamhaus drop list Quinn Mahoney (Jun 16)
    - Re: spamhaus drop list sthaug (Jun 16)
    - Re: spamhaus drop list Peter Dambier (Jun 16)
    - Re: spamhaus drop list Patrick W. Gilmore (Jun 16)
    - Re: spamhaus drop list Peter Dambier (Jun 16)
    - Re: spamhaus drop list Patrick W. Gilmore (Jun 16)
    - Re: spamhaus drop list J.D. Falk (Jun 17)
    - Re: spamhaus drop list John Levine (Jun 16)
    - Re: spamhaus drop list Bret Clark (Jun 16)
    - Re: spamhaus drop list Rich Kulawiec (Jun 18)
- <Possible follow-ups>
- RE: spamhaus drop list Michiel Klaver (Jun 17)
  - RE: spamhaus drop list Raymond Dijkxhoorn (Jun 17)
  - Re: spamhaus drop list Suresh Ramasubramanian (Jun 17)
    - Re: spamhaus drop list Sean Donelan (Jun 17)

(Thread continues...)