e-mail blacklists (was Re: SPEWS?)

jlewis at lewis.org jlewis at lewis.org
Fri Jun 21 02:54:00 UTC 2002 

On Thu, 20 Jun 2002 measl at mfn.org wrote:

> On Thu, 20 Jun 2002, J.D. Falk wrote:
>
> > 	 But spamcop's in specific is still based on spamcop user
> > 	complaints, and most of the spamcop user complaints I've seen
> > 	have been grossly mistargetted.
>
> How?  I find spamcop to be very reliable, and the basis of many actions.

Spamcop is a perfect example of garbage in / garbage out.  I've had a
number of servers in spamcop's blacklist for the following reasons:

1) Local user misinterprets headers and reports one of our own MX's
thinking it generated a spam he/she received.  We get blacklisted.

2) Remote user gets the same message a few times from one of our users
(some tax related documents) and for reasons unknown to us, reports it as
spam, and we're blacklisted.

3) Local user runs a mailing list on one of our servers and leaves posting
open (yeah...that was a bad idea, but lots of lists still do it).  List
gets spammed.  A list member reports our server, causing it to be
blacklisted.  This one is actually listed right now, and we've gotten a
few "why can't I send email to ...?"  questions from other customers on
the same server.

The idea of a spam blacklist with an army of contributors is appealing.
In theory, it could blacklist large numbers of spam sources, perhaps
before they get a chance to hit your servers...but the reality is an army
of idiots turning a good idea into an unusable mess.

Some sort of hybrid of spamcop with dsbl, where those who screw up have
their contributing rights revoked would be far more interesting.  There
also needs to be some method for intervening when someone screws up rather
than having to just wait out expiration of a listing that should never
have happened.

-- 
----------------------------------------------------------------------
 Jon Lewis *jlewis at lewis.org*|  I route
 System Administrator        |  therefore you are
 Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________

More information about the NANOG mailing list