North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

RE: SORBS Contact

  • From: andrew2
  • Date: Wed Aug 09 14:53:43 2006

[email protected] wrote:
>>> I don't know what your problem is, but you're not making things any
>>> better by refusing to fix listings that aren't incorrect or, in some
>>> cases, never were.
> IMHO, it's not about making things 'better' - we don't expect
> NANOG'ers to be any more altruistic than other folk. It's
> about consumer protection, as the anti-spammers always say;
> if $BLACKLIST does a good job, we keep it. If it screws up
> too much, we go elsewhere. So Matt has an incentive to be
> correct, I should think.

I fear we're veering off topic, but the problem with the "If $BLACKLIST
does a job, we'll keep using it" axiom is that it makes the assumption
that the majority of mail admins who use blacklists as part of their
antispam arsenal are keeping close tabs on the efficacy and accuracy of
the blacklists they use.  Unfortunately I don't believe that is
generally the case.  In my experience, most use blacklists as a "set and
forget" kind of weapon, and the only method they use to judge the
reliability of a list is how many spams it blocks, regardless of
accuracy.  Too often you find admins that, when presented with an
example of a false-positive caused by an inaccurate blacklist, cop the,
"Don't talk to me, talk to the blacklist operators" attitude.

And it isn't entirely a lazy admin problem.  There really seems to be no
*good* way to judge the relative accuracy of different blacklists.  You
can read thier policies and procedures, but how do you know if they
actually follow them?  Keeping an eye on mailing lists and newsgroups
can help some, but how do you separate the net.kooks complaining about a
valid listing from people with legitimate gripes?  Especially when the
blacklist admins often come off as bigger net.kooks than their

It winds up looking like a big catch-22 to me.  Blacklist operators
essentially punt all responsibility for incorrectly blocked emails on
the mail admins, and the mail admins punt all responsibility for
incorrect listings back at the blacklist operators.  And that leaves us
with *no one* taking responsibility, which makes me seriously question
the wisdom of using blacklists at all anymore.

Personally, I think completely automated systems with very short listing
times may be the way to go.  It removes the human element from the
listing and delisting process in order to avoid the
personality-conflict/vendetta listings that seem to poison a number of
popular blacklists.  In the long run, though, I think the spammers have
won the DNS blacklist war already and our time is better spent
developing better content filters to worry with the actual content of
the email than where it came from.

Andrew Cruse