Results 1 to 5 of 5

Thread: Blacklists

  1. #1
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683

    Blacklists

    Hi Guys,

    I'm not really an smtp guy but alot of our clients seem to be getting blacklisted by stupid ones like backscatter.org.

    What are you policies on this? Do you use Registered blacklists?

    It just seems to me now its so easy to get blacklisted by your IP pool.

    Thanks!
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  2. #2
    I feel for you getting off of some of those lists can be a huge pain. One company I used to do work for switched their ISP and got a new 5 pack of static IP's... Go figure the new address we gave to their mail server was blacklisted from years before they even had it. Shame on me for not checking I suppose.

  3. #3
    Member
    Join Date
    Jul 2009
    Posts
    45
    Its really an "educate the administrator" problem, as well as a top down (ceo/cio) mandate not to use overly broad lists.

    For a very simple example.. this paragraph about a spammer from a note on AHBL website http://www.ahbl.org/documents/kirch/...lease-scoville --
    The AHBL, based upon it's public listing policies, immediately added Mr. Scoville's SMTP server to our ban. Mr. Scoville responded with a legal threat in October 2003, which escalated his SMTP server to a different listing policy for spammers who use threats of violence or legal action. Due to the severity of such a threat, it was determined that Mr. Scoville would be escalated to our "Shoot on Sight" (SOS) listing policy. This means that when we can locate new IP space for the spammer we will list it BEFORE seeing spam samples from the spammer. It also allows escalation of the listing to cover the entire provider, and not just the source of spam. This in DNSBL terms is a collateral damage entry. The definition here is identical to the military concept.
    that the AHBL admits to using collateral damage entries, it is a key point in *not* using their lists, or not using their collateral lists.. if they have them as a separate item (haven't looked into AHBL other than to know I'd never use *them*).

    The case of back-scatter is that "you", operating said SMTP server should not have accepted the message if it was invalid (ie. not verifying SPF record of sender) The problem however is that a 100% bonafide email can come from such a place, be valid and still be considered back-scatter.

    So the admin using the back-scatter dnsbl is trying to force the sender's domain to do more to protect from bad incoming emails.. and again its a nice concept, but it only works to block more and more legitimate email ...

    Sometimes making the users aware of the negative impact from their email admin's use of a bad DNSBL, is enough to force the admin to change their policy. The people that admin reports to are the ones that tell 'um - "don't block our incoming emails using that kind of policy" and in the end he/she is forced to acquiesce.

    The end result, is to make sure you're doing what you can to limit what is invalid getting responded to, and to try to reach admins to tell them that you are doing the work, but that they are being too strict .. and to tell their users the same, so that their users can fight for you to the admin.

    The short answer would be: Yes ... I use blacklists ... but I research them, and try not to use blacklists that are overly zealous in their goals of blocking spam. Every admin should approach DNSBL that way, it is a lazy or overly zealous nature of some admins that feed the problem.
    Last edited by TG2; July 12th, 2011 at 06:52 PM.

  4. #4
    Only african to own a PC! Cider's Avatar
    Join Date
    Jun 2003
    Location
    Israel
    Posts
    1,683
    Quote Originally Posted by TG2 View Post
    Its really an "educate the administrator" problem, as well as a top down (ceo/cio) mandate not to use overly broad lists.

    For a very simple example.. this paragraph about a spammer from a note on AHBL website http://www.ahbl.org/documents/kirch/...lease-scoville --
    that the AHBL admits to using collateral damage entries, it is a key point in *not* using their lists, or not using their collateral lists.. if they have them as a separate item (haven't looked into AHBL other than to know I'd never use *them*).

    The case of back-scatter is that "you", operating said SMTP server should not have accepted the message if it was invalid (ie. not verifying SPF record of sender) The problem however is that a 100% bonafide email can come from such a place, be valid and still be considered back-scatter.

    So the admin using the back-scatter dnsbl is trying to force the sender's domain to do more to protect from bad incoming emails.. and again its a nice concept, but it only works to block more and more legitimate email ...

    Sometimes making the users aware of the negative impact from their email admin's use of a bad DNSBL, is enough to force the admin to change their policy. The people that admin reports to are the ones that tell 'um - "don't block our incoming emails using that kind of policy" and in the end he/she is forced to acquiesce.

    The end result, is to make sure you're doing what you can to limit what is invalid getting responded to, and to try to reach admins to tell them that you are doing the work, but that they are being too strict .. and to tell their users the same, so that their users can fight for you to the admin.

    The short answer would be: Yes ... I use blacklists ... but I research them, and try not to use blacklists that are overly zealous in their goals of blocking spam. Every admin should approach DNSBL that way, it is a lazy or overly zealous nature of some admins that feed the problem.
    Thanks for the feedback guys
    The world is a dangerous place to live; not because of the people who are evil, but because of the people who don't do anything about it.
    Albert Einstein

  5. #5
    They call me the Hunted foxyloxley's Avatar
    Join Date
    Nov 2003
    Location
    3rd Rock from Sun
    Posts
    2,534
    speaking of blacklists
    if you DO utilise them
    add the .co.cc to the list

    http://blog.sucuri.net/2011/07/googl...ing-co-tv.html

    Google has already pulled the domain from their search routines
    so now I'm in my SIXTIES FFS
    WTAF, how did that happen, so no more alterations to the sig, it will remain as is now

    Beware of Geeks bearing GIF's
    come and waste the day :P at The Taz Zone

Similar Threads

  1. the end of email?
    By Tedob1 in forum AntiOnline's General Chit Chat
    Replies: 14
    Last Post: December 4th, 2002, 01:05 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •