[time-nuts] [OT] Re: Heads up: Mark C. Stephens...

Mon Aug 5 10:17:37 EDT 2013

While I'll agree on Spamhaus' decent services, SORBS has definitely a 
very shoddy history (the internet is full of "beneficiaries"'s stories). 
Besides being very "trigger happy", and unresponsive on requests, the 
owners at least used to force a "fine", err. "donation" for delisting. 
Since it has been sold, a few years ago, I guess the latter practice was 
discontinued.

Thanks for the suggestions, but even if I'm running/administering mail 
servers since last century, I still had encounters with some 
donkey-brained DNSBLs, one even trying to blackmail me, conditioning 
delisting with forcing my ISP, through me, to contact them to solve some 
"unfinished business" they had... Cases of blacklisting all IP blocks of 
certain ISPs as a retaliatory measure are not unknown of, if the DNSBL's 
"master" felt so...
Not one of those brain-dead DNSBLs could provide a single example of 
spam originating at one of the MXs's addresses, but offered a lot of hot 
air about their "intelligent" algorithms. In the case of a DNSBL 
acquired by m$, they justified the blacklisting for sending "over 50% 
spam" after supposedly getting _one_ offending message... which they of 
course couldn't/wouldn't provide. You have to trust their word!
It's usually just a waste of time, and nerves, to try to reason with 
those DNSBLs. It's faster to convince the admin of the partner's domain 
to whitelist the IP(s) directly.

BTW, most viruses, and other malwares usually don't use the victim's ISP 
MXs, but send the spam/malware directly to the world. I've more seen 
spoofing compromised generic (web)mail provider's accounts (especially 
yahoo). Windumb, and computer illiterate lusers are the main source of 
spam/malware dissemination.
Blocking SMTP connections except to the own MX (with appropriate 
filtering before relaying) is current practice.

On 8/5/2013 2:46 PM, James Harrison wrote:
> On 05/08/13 11:42, MailLists wrote:
>> Good luck delisting a DNSBL listed IP (block) from those "crusaders"...
>> Back some time there was a piss contest between some of those
>> "blacklists" on which one would blacklist the whole internet faster.
>> In the mean time different "security" providers bought up some of those
>> rabid "blacklists" to "power" their "antispam" offerings, usually
>> bundled with a "security" appliance.
>> If you get caught in their web, you'll have a tough time to get
>> delisted, usually denied with some puerile pretext, from obtuse criteria
>> up to pure blackmail.
>>
>
>
> In fairness, SORBS and Spamhaus are some of the better candidates, and
> ISP-bundled mail servers typically are _full_ of spam because their
> customers get viruses that proceed to use their email accounts for
> spamming all the time.
>
> If you want to get your email delivered reliably and receive email
> reliably, run your own mailserver or get someone who knows what they're
> doing to run one for you.
>