Scot L. Harris wrote:
On Tue, 2005-08-16 at 10:36, Thomas Cameron wrote:
This is not strictly a Fedora question, but I would like to query the list
on
this since it's such a large user base. Recently, our ISP has been added
to
the SORBS blacklist as a source of spam. We're being told that SORBS is
demanding money from our ISP to remove them from the list. I can't speak
to
whether the ISP is or is not a source of large amounts of spam, though it
seems unlikely, since they are in the Washington, DC area, and have many
government agencies as clients. Two questions: Is anyone else having
questionable issues with SORBS? Does it sound like extortion for such a
service to be asking for money from an ISP to remove them from such a
list?
I call bull on that. That type of crap is what makes spam-fighters look
like jerks. The whole "you happen to be on the same ISP as a spammer so
you're being punished" argument is pure, unadulterated fertilizer. That's
like saying "well, your little girl was in the same city as the bad guys,
so it's just too bad that she got her legs blown off in the cross-fire."
According to the SORBS web site (http://www.us.sorbs.net/overview.shtml)
they are looking for a $50 "donation" - what a load of crap.
If there is someone spamming at a certain address, I say absolutely
blocklist the heck out of them. But if that ip address is not being used
to spam any more, then demanding money to delist the address is extortion.
Thomas
This is why blacklisting has a bad reputation and why admins should not
use third party blacklists. There are many examples of blacklist
maintainers becoming over zealous in listing address ranges and stunts
like the OP related. Locally administered blacklists can be effective
but it never made much sense to me to turn over control of any of my
critical email services to a third party.
On the other hand locally-administered blacklists tend to be "file and
forget" - once an IP gets in there it's very unlikely to get out. The
big advantage of a centrally managed list is that once you're out of it,
you're out of it everywhere that list is used. Getting out of a
multitude of local lists could be well-nigh impossible.
Anyone refusing mail based on a third-party list should be very familiar
with the listing and de-listing policies of that list, and also whether
or not those policies are followed (a "reputation" issue). Without that
knowledge, use of such a list for outright blocking does indeed make
little sense (FWIW, I'm perfectly happy rejecting mail from IPs listed
by list.dsbl.org or sbl.spamhaus.org).
The vast bulk of spam can be blocked using a combination of greylisting
and spamassassin. These are not controlled by any central authority so
there is no chance of a central authority causing problems.
SpamAssassin does of course use third-party lists in its scoring though,
but a listing in just one list is unlikely to cause a rejection.
Paul.
