On 17 Oct 2006, at 18:09, Ian Eiloart wrote: >> TXT= "Net 83.19.0.0/16 is Level 3 listed at UCEPROTECT-Network. See >> http://www.uceprotect.net/en/index.php?m=7&s=8"; > > To be fair, they do recommend that users don't block at level 3.
Blocking the whole class B network is highly unlikely to be restricted to the spammers They only require 200/65535 IPs to block the lot. It is also unclear if the 200 have to be from different class C networks, as I read http://www.uceprotect.net/en/index.php?m=3&s=5 I understand that if 200 ips from a single class C network generate spam then the whole class B is listed 559: Throwing the baby out with the bath water error > > I still think their listing criteria are dumb. The seem to use three > techniques: > > 1. People who bounce viruses with warning messages (actually, > that's fine). I disagree with this, IME 99% of the time the mail is sent automatically by the virus with a forged sender address so 99% of the time it is wrong to bounce. I am doing AV at SMTP time BTW > > 2. People who use SRS. I'd like to use it for local people that ask > to get > email forwarded from their local (sussex.ac.uk) address to a personal > address. I don't see how SRS can harm anyone when I do this. > Perhaps such > email would never hit their honeypots, though. > > 3. People using sender verification callouts. They seem to think > it's as > bad as sending email, but my sender verification callouts don't fill > mailboxes or server queues. And, they do stop lots of spam. > I think their policy is, create a spam trap, anyone that starts an smtp session with the spam trap gets listed IRRESPECTIVE of what they were trying to do. Because the system is not able to determine legitimate access from spam access. Then find lots of sophistic arguments as to why you should be blocking all these innocent people that have inadvertently pranged the trap. because they are trying to fight spam from a different angle Stuart PS How about Level 4 - block whole class A if there are 400 spammers in it Level 5 - block all of internet if there are more than 1000 spammers in the world :-)) Sorry just being factious, blocking the whole class B is a bit crazy HOWEVER, having a better granularity between /24 and /16 may have some merit MAYBE - most ISPs have non contiguous class C net blocks So blocking a whole /23 or /22 etc is probably useless but it is not silly. Blocking /16 is silly -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
