
Re: How I killed spam without TMDA



On Tuesday 2004-07-13 01:17 pm, Steve Lamb wrote:

> As well as legitimate mail.  :)

Very little.  Most of the filtering magic is via greylisting which has
proven to be remarkably effective.

> But that's only 1/2 the equation.  False positives are far more
> destructive than false negatives.  How many false positives do you get in
> any given day?

I don't have figures, but I've noticed no decrease in the amount of mail
I'm receiving every day.

> As for my comment about false positives, here's one for you. 
> Literally. Check your logs for this message I'm sending right to you (I
> normally trim out copies to the author) and see what it says.  :D

For the benefit of everyone on the list who isn't me:

    Jul 13 13:17:25 kanga postfix/smtpd[84603]: NOQUEUE: reject: RCPT from olethros.dmiyu.org[64.251.10.196]: 554 Service unavailable; Client host [64.251.10.196] blocked using sbl-xbl.spamhaus.org; http://www.spamhaus.org/SBL/sbl.lasso?query=SBL4091; from=<grey@dmiyu.org> to=<kirk@strauser.com> proto=ESMTP helo=<dmiyu.org>

Visiting that URL gives:

    64.251.0.0/19 is listed on the Register Of Known Spam Operations
    (ROKSO) database as being assigned to, under the control of, or
    providing service to a known professional spam operation run by
    Infolink / Prieur Leary III.

    [...]

    As this is a known professional spam operation, it is important that
    all service to the Infolink / Prieur Leary III spam operation be
    terminated before this listing can be removed from the SBL. There can
    be no functioning web site, mail or DNS server still serving the spam
    operation in 64.251.0.0/19.
 
    To have record SBL4091 (64.251.0.0/19) removed from the SBL, the
    Abuse/Security representative of ARIN (or the Internet Service Provider
    responsible for connectivity to 64.251.0.0/19) needs to contact the SBL
    Team to advise how the spam problem has been terminated.

I feel badly that your ISP has taken on a spammer as a paying customer,
and that it is causing problems for you and their other legitimate
customers, but it seems as though the blacklist is returning accurate
information.  I trust that you're not a spammer, but my mailserver has a
pretty good (and seemingly valid) reason to believe that mail originating
from your netblock is likely to be spam.  Have you screamed at your ISP
yet?
-- 
Kirk Strauser
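
An added example, not part of the original message or of either poster's mail setup: Python that parses the Postfix reject line quoted above, derives the DNSBL lookup name for the client, checks it against the listed 64.251.0.0/19 block, and counts rejects per sender for false-positive review. The function names and the regular expression are assumptions for illustration, and the second sample log line is constructed.

```python
import ipaddress
import re
from collections import Counter

# First line is the reject quoted in the message; the second is constructed.
SAMPLE_LOG = [
    "Jul 13 13:17:25 kanga postfix/smtpd[84603]: NOQUEUE: reject: RCPT from "
    "olethros.dmiyu.org[64.251.10.196]: 554 Service unavailable; Client host "
    "[64.251.10.196] blocked using sbl-xbl.spamhaus.org; "
    "http://www.spamhaus.org/SBL/sbl.lasso?query=SBL4091; "
    "from=<grey@dmiyu.org> to=<kirk@strauser.com> proto=ESMTP helo=<dmiyu.org>",
    "Jul 13 13:17:24 kanga postfix/smtpd[84603]: connect from "
    "olethros.dmiyu.org[64.251.10.196]",
]

# Assumes DNSBL rejects shaped like the quoted line (hypothetical pattern).
REJECT_RE = re.compile(
    r"reject: RCPT from (?P<host>\S+)\[(?P<ip>[0-9.]+)\]: (?P<code>\d{3}) .*?"
    r"blocked using (?P<zone>[\w.-]+);(?: (?P<reason>.*?);)?"
    r" from=<(?P<sender>[^>]*)> to=<(?P<rcpt>[^>]*)>"
)

def parse_reject(line):
    """Return the fields of a DNSBL reject line, or None for other lines."""
    m = REJECT_RE.search(line)
    return m.groupdict() if m else None

def dnsbl_query_name(ip, zone):
    """DNS name looked up for an IPv4 client: reversed octets under the zone."""
    return ".".join(reversed(ip.split("."))) + "." + zone

def in_listing(ip, cidr):
    """True if the rejected client falls inside the listed netblock."""
    return ipaddress.ip_address(ip) in ipaddress.ip_network(cidr)

def rejects_by_sender(lines):
    """Count DNSBL rejects per (zone, sender) so blocked senders can be reviewed."""
    hits = (parse_reject(line) for line in lines)
    return Counter((h["zone"], h["sender"]) for h in hits if h)

if __name__ == "__main__":
    rec = parse_reject(SAMPLE_LOG[0])
    print(rec["ip"], "->", dnsbl_query_name(rec["ip"], rec["zone"]))
    print("inside 64.251.0.0/19:", in_listing(rec["ip"], "64.251.0.0/19"))
    print(rejects_by_sender(SAMPLE_LOG))
```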
