At 8:45 AM -0700 8/31/2003, Tod Fitch wrote: >On Sunday, August 31, 2003, at 12:33 AM, Dave Pooser wrote: >> >><snip> (Today, for instance, it blocked 5029; cbl.abuseat.org >>blocked 3224-- thanks, Bill Cole, for introducing that list to us; >>sbl.spamhaus.org hit 3002; dialups.visi.com hit 121; and opm.blitzed.org hit >>14.) <snip> > >I like to at least read what the RBL has to say about its listing criteria and how >things can be delisted before I add it to my RBL list. So when I go to >cbl.abuseat.org I see that they specifically don't describe their listing criteria. > >Anyone know what the philosophy of that person/group is? How safe from collateral >damage would I be if I used it?
If you were subscribed to this list on 8-15, you might have seen... At 8:22 PM -0400 8/15/2003, Bill Cole wrote: >A newer list that I really like a lot in its performance is the CBL, described (to >some extent) at http://cbl.abuseat.org. It is a list of machines that have been >witnessed acting in ways that are specific to open proxies sending spam or >virus/worm-ridden machines. If you watch a heavily-spammed address for a while and >look at the proxy spam and wormware mail you can pretty easily identify such behavior >patterns, but whoever runs the CBL doesn't define them explicitly because doing so >would probably lead to those patterns changing. I have tested the CBL against a >rather large mail stream, and while I have as yet failed to get it accepted by the >people who make decisions there, the test showed it tagging about 25% of the inbound >mail without a single case of possibly legit mail being tagged. To put this in >perspective: no other DNSBL I've ever tested has caught more than 15% of any mail >stream and none that has beat 10% has done so without at least 0.1% false positives. > >There are issues with the CBL. One is that it is not clear who exactly is running it: >The domain is registered to Steve Atkins of Sam Spade fame (also someone whose home >I've attended a party in and whose wife Laura I've worked closely with) (Laura is >also now ED of the SpamCon foundation) The mail for it is handled by Al Iverson's >machine, and Al is also a friend and fellow co-worker who has built and run just >about the only ethically-conscious open relay DNSBL's . I have no qualms trusting >whoever Steve and Al have decided to sit in front of, and I have no worry about the >accountability of the CBL given that it is fronted by those 2 and has a very simple >removal procedure (self-service) and is not built on unauthorized testing of any >sort. People who are not me and tdo not have my very individual bases for trust may >be leery of the CBL, although anyone using SPEWS (i.e. including the aggregate >relays.osirusoft.com zone) probably isn't too concerned about using a list with vague >listing criteria and an anonymous maintainer. > > >-- >Bill Cole >[EMAIL PROTECTED] > -- Warren Michelsen <[EMAIL PROTECTED]> Online Tools For Business -- <http://www.OTFB.com/> Small Business & E-commerce web hosting ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
