[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Every spam is sacred

On Sun, 15 Jun 2003, Jesus Climent wrote:

> On Sat, Jun 14, 2003 at 03:47:04AM +0200, Santiago Vila wrote:
> > > Secondly, you're placing too much faith in DSBLs being accurate.
> >
> > No, it's really that accurate. If a message comes from an open
> > relay, an open proxy, or it was sent using an insecure formmail
> > script listed in the DSBL, you may be 99.95% certain that it's spam.
>
> What Manoj said is that you are putting too much faith on the list itself.

It was not Manoj who said that. It was Martijn van Oosterhout.

> I do not argue a mail coming from an open relay has 99.95% prob. of
> being spam, but is it 99.95% of the ips listed on that list an open
> relay?

IPs are added to the list when they pass the "open relay test".

If you run an open relay and got listed in the DSBL, you should ask
for a retest to be delisted. This process may take 24-25 hours, so,
yes, there is a short period of time in which you might be listed
without being an open relay.

This might be a small inconvenience for you if you ran an open relay,
but it's nothing compared to the global inconvenience of receiving
thousands of spam messages from your open relay.

> > Using a DNSBL does not block any person, it just blocks IPs.
>
> So if the IP is used by several people...

Or several spammers...

> [...]
> I reported some months ago an experience with Helsinki University of
> Technology (HUT) and Helsinki University (HY) (note they are two different
> institutions). The problem was: I send a mail from HUT to a frien of mine in
> HY. The mail was rejected without further explanation by the HY mail service.
> I found from the web pages that they implement some DNS blocking, and without
> them noticing, they were BLOCKING THE WHOLE HUT!!

"Some DNS" blocking is meaningless. There are good DNSBLs and bad
DNSBLs, and the fact that you once suffered from a bad DNSBL does not
mean all of them are bad or evil.

As for the "without further explanation", many DNSBLs (including the DSBL)
have TXT records, which are shown in the rejected message, or, if you
are using exim's /warn feature, in the X-RBL-Warning header itself,
like this:

X-RBL-Warning: (list.dsbl.org) http://dsbl.org/listing?ip=200.149.165.185

> [...]
> And it was a mail sent to postmaster@ and to abuse@

At least postmaster should be in recipients_reject_except.
The fact that DNSBLs may be abused does not mean we should abuse them too.

Rejecting all DNSBLs based on the experience from several of them is
like saying "I don't want to use any computers because they use
software, and software may have bugs".

> Still, about the transfering of such database of DNS entries,  i fail to see
> what freedom we get receiving a list that cannot be redistributed.

The freedom to say "no" to spam sent from open relays, open proxies
and insecure formmail scripts. I lost this freedom the day I started
to use my @debian.org address for the Maintainer field.
Reply to: