[82666] in North American Network Operators' Group
Re: NANOG List Server on several BlockLists
daemon@ATHENA.MIT.EDU (Todd Vierling)
Tue Jul 26 20:26:07 2005
Date: Tue, 26 Jul 2005 20:25:10 -0400 (Eastern Daylight Time)
From: Todd Vierling <tv@duh.org>
To: "Christopher L. Morrow" <christopher.morrow@mci.com>
Cc: John Palmer <nanog@adns.net>, nanog@merit.edu
In-Reply-To: <Pine.GSO.4.58.0507262341550.3650@parapet.argfrp.us.uu.net>
Errors-To: owner-nanog@merit.edu
On Tue, 26 Jul 2005, Christopher L. Morrow wrote:
> > FYI: The IP address of the mail server that sends out NANOG list messages
> > (198.108.1.26) is once again on most of the major RBLs.
>
> reason #6572 not to use rbl's... or to atleast understand what your rbl's
> are putting on their lists any why :)
The latter. DNSBLs are valuable tools, but using any large list as a
one-step block can be quite problematic. Many use multiple return codes,
some of which could qualify as one-step blocking, such as open relay
detection, but some of which should be used only for weighting. An
effective modern spam blocking system uses many layers of screening with
different scope for each layer.
Yes, it's problematic that people don't follow these rules of thumb, but
DNSBLs are a very small part of the problem these days -- unscalable C/R
tends to get much worse. (Use SPAM-L if you'd like to ask people for
statistical samples.)
--
-- Todd Vierling <tv@duh.org> <tv@pobox.com> <todd@vierling.name>
