North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: SORBS Contact

  • From: Steve Atkins
  • Date: Thu Aug 10 00:05:52 2006


On Aug 9, 2006, at 8:29 PM, Robert J. Hantson wrote:


So with all this talk of Blacklists... does anyone have any suggestions
that would be helpful to curb the onslaught of email, without being an
adminidictator?

Right now, the ONLY list we are using is that which is provided through
spamcop. They seem to have a list that is dynamic and only blacklists
during periods of high reports, then takes them off the list after a
short time...

Or am I just a little naive? 

Fairly naive. Spamcop blacklists a lot of IP addresses that send
a lot of email that isn't spam. And some that send zero spam, by
any sane definition.

That doesn't mean to say it doesn't work for you, but don't mistake
a list that'll block a mailserver for a week on the basis of one or
two unsubstantiated reports as _safe_ solely because it will only
block it for a week.

Depending on your demographics SpamCop may have an acceptable
false positive level, but it's not a list I advise most users to use as it
regularly lists sources of large amounts of non-spam (such as, for
example, mailservers used solely for closed-loop opt-in email).
Despite that, though, it's quite effective if you're prepared to accept
the false positive rate.

You may want to look at the CBL or XBL if you're interested in a
very effective IP based blacklist with a very low level of false
positives. Not zero, but really pretty low.

Pretty much all the others have levels of false positives that are
bad enough that I wouldn't use them myself, though depending
on the demographics of your recipients they may be acceptable
to you. Using them to block mail to all recipients is likely to be
problematic in most cases. Some recipients who choose to use
it? Sure. As part of a scoring system? Perhaps. Blocking across
all users? Probably a bad idea in most cases.

Cheers,
  Steve