On 20 Jan 2021, at 11:27, Russell Clemings via mailop wrote:
I don't really understand why anybody would use UCEPROTECT3 anyway.
The first sentence of their web page says:
"This blacklist has been created for HARDLINERS. It can, and probably
will
cause collateral damage to innocent users when used to block email."
http://www.uceprotect.net/en/index.php?m=3&s=5
People do very dumb things with their mail systems.
For 17 years I've run a strictly private blocklist which has for all of
that time answered unauthorized queries to the DNSBL interface to the
blocklist with either silence or hazardous garbage. The only way to know
the base zone name would be to see a rejection message due to it (or
guessing, which admittedly isn't hard.) The online documentation of the
blocklist includes the current contents in a hard-to-parse but
human-readable format and direct clear warnings that it is not available
to the public as a DNSBL and that trying to use it in any form without
my active assistance and approval would be extremely unwise and violent
to normal email. Literally no one anywhere uses my blocklist as an
absolute rejection criteria, as no one should.
Every week, thousands of resolvers spread across hundreds of unique /24
nets ask for records in that DNSBL zone. The ones that get blocked from
port 53 at my firewall for a week at a time consistently come back after
their banishments within 12 hours and re-earn their blocking. No one
doing those queries can possibly be getting any utility from them. At
best, they get more than a UDP reply's worth of long-TTL records for
whatever IPs they happen to query in their weekly paroles. The number of
miscreants and volume of their queries has steadily grown over the past
decade.
--
Bill Cole
b...@scconsult.com or billc...@apache.org
(AKA @grumpybozo and many *@billmail.scconsult.com addresses)
Not Currently Available For Hire
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop