[vox-tech] smtp question - blocked ip

Joel Baumert vox-tech@lists.lugod.org
Mon, 6 Jan 2003 08:56:57 -0800 

On Mon, Jan 06, 2003 at 08:21:59AM -0800, Ted Deppner wrote:
> On Sun, Jan 05, 2003 at 11:55:44PM -0800, Joel Baumert wrote:
> > There was a discussion pointed at by /. a week or so ago that had
> > an interesting discussion of RBLs.
> > 
> > http://theory.whirlycott.com/~phil/antispam/rbl-bad/rbl-bad.html
> 
> ... And this article was just as quickly shown to be missing some key
> ideas and concerns, and not in-line with much anti-spam public opinion.
> 
> It's content feels like a talk-show, shallow logic, a few barely discussed
> hot-spots, etc.
> 
> The only real problem an RBL could ever have is in it's human management,
> listing/delisting processes specifically.  That isn't a problem inherent
> to RBLs... that'd be a problem for anything, anti-spam services or not.
[...]

Pete's problem of being blocked because your ISP has been blocked is
a biggie... Many people with access to broadband have limited if any
choices about who their ISP is because of lack of competition, money,
long term contracts, etc.  To have your machine be "collateral" damage
to an RBL for what could be an innocent reason is a problem.  

One of the examples in the article is an ISP being blocked because it
allows a SPAMer to sell their software is idiotic.  The SPAMer isn't
sending SPAM from the site so _WHY_ add it to the list?  Your right the
human factor is the problem with RBLs, and it is not an easy one to get
around.  The second problem with RBLs is legality, from what I remember
at least one RBL has been successfully sued for restraint of trade :-(.

I guess the moral to the story is that people should not depend on
entirly RBL's when making automated decisions on SPAM and just use it
as a indication that something could be.

I have been using spamassassin for about two months now and have been
_very_ happy with the results.  For my wife it has blocked >530 SPAM 
messages with only 3 incorrect blockings (fixed with a procmail rule).
She still got about 50 messages a month, but that is _significanly_
less than what we had before.

I decreased some of the SPAM before with iptables rules blocking
a list of RIPE and APIN networks, but stopped after getting the
assassin working.  When I get time I'll probably add some rules that
give those networks enough points to get my SPAM from those networks
tossed.

I would be interested to read what you think is a good piece on
the topic...

Joel