[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: fighting spam || avoiding spam

On Mon, 7 Jun 2004, John Goerzen wrote:

> On Mon, Jun 07, 2004 at 11:53:07AM -0400, Jaldhar H. Vyas wrote:
> > On Mon, 7 Jun 2004, Santiago Vila wrote:
> >
> > > BTW: We have to be really stupid to accept messages from open proxies
> > > ourselves at the debian.org domain. Would anyone second a General Resolution
> > > mandating the use of xbl.spamhaus.org in all MXs for debian.org?
> >
> > Seconded.
> Why not sbl-xml.spamhaus.org?

SBL sometimes "escalates" and lists IP ranges instead of individual IPs.

Concentrating the discussion on just the XBL would remove objections
from people who say not to trust DNSBLs because they are "indiscriminate".

OTOH, if a simple proposal for the XBL clearly wins, we can vote on SBL later.

> Let's be careful how we word this, please.  Don't tie the admins' hands
> in the event that something catastrophic happens to SBL/XBL or it ceases
> being a useful tool.

Considering that the real catastrophe is the current level of spam, I
don't think we could agree on what exactly a catastrophe is.

How about this?

Proposal 1:

* All machines which are MX for the debian.org domain MUST reject
messages coming from IPs in the xbl.spamhaus.org DNSBL.

* debian-admin MAY create an exclusion list for those who want these
rejections not to happen for their particular email address [1].

Proposal 2, for those still unsure about the effectiveness and quality
of the XBL and want *real* data to decide about proposal 1:

* If proposal 1 is not accepted, all machines which are MX for the
debian.org domain MUST add a X-RBL-Warning: header to all messages
coming from IPs listed in the xbl.spamhaus.org DNSBL, if it's easy
to do so [2].

These two proposal could be voted in the same ballot (I would very
disappointed if not even the second one gets approved).

[1] Using SHOULD or MUST would not be fair to debian-admin. It would
create additional load for them.

[2] exim, at least. I don't know how easy/difficult it is with postfix.

Reply to: