[78712] in North American Network Operators' Group
Re: sorbs.net
daemon@ATHENA.MIT.EDU (Jason Slagle)
Mon Mar 21 10:55:32 2005
Date: Mon, 21 Mar 2005 10:55:13 -0500 (EST)
From: Jason Slagle <raistlin@tacorp.net>
To: Paul G <paul@rusko.us>
Cc: nanog@merit.edu
In-Reply-To: <08db01c529b0$93ba4c10$0200a8c0@rusko>
Errors-To: owner-nanog@merit.edu
On Tue, 15 Mar 2005, Paul G wrote:
> unfortunately, that *still* didn't stop people from using it, which
> translated into an unresolvable headache for me as a sp. if you don't
> consider a blacklist to be usable by the public, don't publish it. however,
> publishing a draconian blacklist seems to get you a 'hardcore' label/clout
> in certain circles and is thus irresistible for some.
Sorry if this thread is older, but I ran into a PRIME operational example
of this last week that cost one of the techs here a few hours headache.
Lady was running exchange. She had the Symantec virus/spam/crap filter
for it installed.. All email to her was bouncing with a 550 spam site
deny.
We jerked around with it for quite some time before we realized that one
of the dnsbl's that the Symantec product was using was returning positive
for ALL queries.
This is the risk you run - this product either had it on by default, or it
was in a list of options to turn on. End users don't know what it is, and
only know it'll help eliminate spam, and they turn it on. Then they
generate support load when their email breaks.
Average user, or even sysadmin, doesn't know about dnsbl's. To state that
you make a concerted effort to use them nowadays may be false.
Spamassassin comes out of the box poking SORBS and adding score if it's in
there. I turned it off because of questionable listings, but how many
users of SA know how to do that?
Food for thought.
Jason
--
Jason Slagle
/"\ . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
\ / ASCII Ribbon Campaign .
X - NO HTML/RTF in e-mail .
/ \ - NO Word docs in e-mail .
