[121227] in North American Network Operators' Group
Re: SORBS on autopilot?
daemon@ATHENA.MIT.EDU (Brian Keefer)
Wed Jan 13 12:16:29 2010
From: Brian Keefer <chort@smtps.net>
In-Reply-To: <20100112210927.GA6931@gsp.org>
Date: Wed, 13 Jan 2010 09:14:22 -0800
To: Rich Kulawiec <rsk@gsp.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 12, 2010, at 1:09 PM, Rich Kulawiec wrote:
> On Tue, Jan 12, 2010 at 10:48:31AM -0800, Brian Keefer wrote:
>> I wouldn't say that necessarily accurate. I could be considered
>> part of the "anti-spam crowd", seeing as that's my line of work.
>=20
>> I think DULs are a really dumb way to block spam. Making a binary
>> decision off of information that's wrong as often as it's right it's
>> a great way to create collateral damage and just generally cause more
>> headaches for everyone. =20
>=20
> I've done a little bit of work in the anti-spam area as well (starting
> around 1983) and I can tell you that your viewpoint about DULs is
> roughly half a decade out of date.=20
Well not to drag this into a meta-thread, but you're not the only one =
with experience. I've been doing this for well over a decade too, so =
have a great many of my colleagues, not only at my employer, but at =
competing companies. I can tell you that your view on this is far from =
universal.
Parties who believe blanket blocking of IP space (sounds very 1999 to =
me, I was there, I did that stuff) is the best thing ever tend to not =
have access to high-quality reputation services and/or content-based =
analysis. See Joel Snyder's comments. BTW I'm not talking about =
anything Open Source.
There are lots of ways to block a lot of spam, but most of the perceived =
"low-cost" ways block a non-trivial amount of wanted mail. Call it =
whatever you like, the fact remains that most organizations that value =
e-mail as a communication medium do care about missing those wanted =
messages. If it was as simple as blocking dynamic IP pools and spammy =
.TLDs, organizations would be doing that instead of paying $$$ for =
sophisticated services & software.
That's the last I'll say on blanketing vs. intelligent blocking for this =
thread.
PS We agree on quite a few subjects, just not this one.
--
bk=
