On Wed, 5 Jun 2002, Vaughn Thurman - Swift Systems Inc wrote: > Is anyone using the black-list feature of GnatBox (MAPS, etc) with any luck? > I am considering going that way and would enjoy some constructive advice.
Yup, works quite well. There are a couple of enhancements that would be really nice to see implemented, but what is there works fine. We end up rejecting something like an average of 500 emails a day based on the lists we use. (We have around 100 active email accounts in the company). The rejects get logged with the rest of GB logging data. We've a script/perl cron job to parse out the logs and I get an email every day listing the rejected IPs and what list bounced them. > I am also wondering if anyone has found any remaining free black-list > servers that are reliable...??? Sure, keeping in mind that my definition of "reliable" may be different than yours :-) Which I guess leads into some of the enhancments I'd like. Even with automated systems, what ends up in a block list can be inconvienient to a given site. One of the things the GnatBox needs is a locally maintained whitelist for mail servers that you *always* want to get through (even if they are listed on all the other lists you check). Similarly, I might have some particular site(s) that I want to block that are not on on the public lists. The GnatBox needs a local blacklist. My definition of "reliable" would be - Its generally available - Its automated - Low false positives - "Reasonable" listing policies Id suggest getting your management on board as far as accepting that there will be mail rejected that you would want to recieve. In my case, the owners agree that 500 emails a day is real money. We made a decision to work with customers that might be blocked to fix the problem rather than letting the garbage in. The lists I use: 1) ORDB (www.ordb.org, zone is relays.ordb.org). They list open smtp relays. *Lots* of spam comes through open relays. Im a firm believer that open smtp relays are just not acceptable in today's internet. YMMV :-) This generally blocks the most stuff for us. 2) SpamCOP (www.spamcop.net, zone is bl.spamcop.net). Automated listing/delisting based on spam reports (and I think some spam traps). Lately this has been blocking nearly as much stuff as ORDB. Since its automated, if some moron does a humongus spam run from say, AOL, it lists the AOL mail servers. A couple of AOL's servers were listed for a few hours last week in fact. The listings are rate sensitive, so when the spam stopped, AOL was de-listed. We bounced some stuff in the middle of the night, but there were no complaints. This made me a bit queasy at first, but it really does seem like it adapts pretty well. Im getting more comfortable with it. 3) SpamHaus (www.spamhaus.org, zone is sbl.spamhaus.org). Ive just started using this. So far, its not flagging much at all. Its third in the list, so most stuff must get blocked by the other ones. I sort of like the listing policies on this one. There are others, notably relays.osirusoft.com and spews.org. Ive not worked up the courage to try them yet, but a few more porno spams to the boss lady and you never can tell. Also, ORDB and SpamCop dont charge for use, but they do take donations. After seeing what they have done for us, we sent a dontation in recognition of the value they provide to us. Joe Matuscak Rohrer Corporation 717 Seville Road Wadsworth, Ohio 44281 (330)335-1541 [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[email protected]
