Robert Felber wrote:
On Fri, Dec 02, 2005 at 02:23:00AM +0100, mouss wrote:
That or use reject_rbl_client with proper RBLs. That's actually the same like
his idea, but _humanly_ verified (if it is a good RBL). I would very avoid
RBLs which use automatic mechanisms unless they are failproof. Spamtraps are
not.
I respectfully disagree. Many human-managed blacklists are influenced by
the politics of their owners and
most take a 'guilty until proven innocent' approach. That is to say,
they are free and easy about blocking
addresses which were offensive a fortnight ago, unless and until the
system admin gets in touch. Most of the
time, this doesn't cause a problem, and I know that there are those who
would vigorously defend this approach.
But have you ever tried getting an innocent address removed from DSBL,
for example?
For blocking mass-mailing worms, it is sensible that removal is
automatic and blacklisting is only applied to
hosts which have sent offensive mail in the past 24 hours. What do you
prefer, a blacklist that works based
on allegations that "someone sent me a virus", or a computer-generated
blacklist that specifies which virus was
detected and how many times in the last day, and then automatically
removes cleaned hosts when they cease
to send unwanted mail?
I do agree that systems based on blocking whatever shows up in your mail
logs files are unnecessarily dangerous
for most applications, but *only* because of the existence of a
well-managed and suitably verified virus blacklist which
I previously mentioned.
There is no right and wrong in this, but I can say that my experience of
supposedly 'managed' blacklists has been
somewhat lacking. Do not discount a blacklist simply because it is
managed by a computer; there are applications
for which this works better than human maintenance, and I regard VIRBL
as an example. To be more precise, what
matters is that any blacklist you do use is appropriate for the uses for
which is it intended, up to date, and operates
an effective removal policy, not whether it requires human involvement.
Regards,
Keith
-------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc. Do you grep through log files
for problems? Stop! Download the new AJAX search engine that makes
searching your log files as easy as surfing the web. DOWNLOAD SPLUNK!
http://ads.osdn.com/?ad_id=7637&alloc_id=16865&op=click
_______________________________________________
AMaViS-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/amavis-user
AMaViS-FAQ:http://www.amavis.org/amavis-faq.php3
AMaViS-HowTos:http://www.amavis.org/howto/
