Atrivo/Intercage: Now Only 1 Upstream

Seth Mattinen sethm at rollernet.us
Wed Sep 17 15:24:53 CDT 2008


David Schwartz wrote:
>> I occasionally get in to an argument with a customer who is trying to
>> get mail from someone after a spam run came out of a google mail server
>> and landed it on a DNSBL. The argument presented to me always boils down
>> to "Google could never do anything wrong" or "Google is too big to do
>> anything wrong" and I should immediately stop recommending any DNSBL
>> that would dare to block Google.
>>
>> ~Seth
> 
> A more rational version of this argument would be that blocking Google's
> mail servers will obviously have large amounts of collatarel damage. Any
> DNSBL that blocks Google's mail servers, other than perhaps in sufficiently
> serious situations to justify this level of collatarel damage, shouldn't be
> recommended.
> 
> You should provide a way for customers to opt out of your blacklists. Many
> people are perfectly happy to run their own spam filtering software and
> retain the capability to skim (or analyze) their spam.
> 
> If you provide a way for your customer to do this, point them to it. If not,
> that is a failing on your part. (Though of course it's always possible you
> have cost/benefit arguments that justify not providing that service.)
> 
> Some people would really like email to be as reliable as possible, even if
> that means they have to wade through a lot of spam. At least this gives them
> ability to whitelist sources that are important to them personally.
> 

Oh, they can. They have full control of everything hardcore filtering to
nothing at all and anything in between. They could prune out the DNSBL
they didn't like, turn off DNSBL completely, whitelist the source CIDR
range (which I gave them), whitelist the sender's address/domain, etc.
There was 15 different ways they could have fixed it, but didn't want
to. I can't really say why. All they would say is "it's Google."

~Seth




More information about the NANOG mailing list