[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Every spam is sacred

On Sat, Jun 14, 2003 at 03:47:04AM +0200, Santiago Vila wrote:
> 
> > Secondly, you're placing too much faith in DSBLs being accurate.
> 
> No, it's really that accurate. If a message comes from an open
> relay, an open proxy, or it was sent using an insecure formmail
> script listed in the DSBL, you may be 99.95% certain that it's spam.

What Manoj said is that you are putting too much faith on the list itself. I
do not argue a mail coming from an open relay has 99.95% prob. of being spam,
but is it 99.95% of the ips listed on that list an open relay?

> Using a DNSBL does not block any person, it just blocks IPs.

So if the IP is used by several people...

> If a person sends a message and it's rejected, the same person might
> try another way of sending his message, for example, using a free
> email provider (hotmail, yahoo). These big ISPs are usually serious
> about not having their main SMTP servers running as open relays, so
> it's unlikely that they are listed in the DSBL.

You might not have heard about the latest DAV hole that can be used by
spammers to send mail using the DAV servers from Hotmail.

And another example:

I reported some months ago an experience with Helsinki University of
Technology (HUT) and Helsinki University (HY) (note they are two different 
institutions). The problem was: I send a mail from HUT to a frien of mine in
HY. The mail was rejected without further explanation by the HY mail service.
I found from the web pages that they implement some DNS blocking, and without
them noticing, they were BLOCKING THE WHOLE HUT!!

I was able to access another account to send a message to the administrators,
informing about the situation.

My mail was then **rejected** because it was clasified by the anti-spam system
as a 99.9% spam. And it was a mail sent to postmaster@ and to abuse@

>From my experience, DNS blocking is a Bat Thing (tm) if used to reject mail.
Tagging mail and letting the end user decide about the destination folder of
such mails is another thing.

Even we could use the tag to trigger a rule in SpamAssassin and add a point,
or even run the Genetic Algorithm to determine the suitable score for that
rule.

Still, about the transfering of such database of DNS entries,  i fail to see
what freedom we get receiving a list that cannot be redistributed.

mooch

-- 
Jesus Climent | Unix SysAdm | Helsinki, Finland | pumuki.hispalinux.es
GPG: 1024D/86946D69 BB64 2339 1CAA 7064 E429  7E18 66FC 1D7F 8694 6D69
----------------------------------------------------------------------
 Registered Linux user #66350 proudly using Debian Sid & Linux 2.4.20

You know what the real tragedy of this day is? I'm not even supposed to 
be here today!
		--Dante Hicks (Clerks)
Reply to: