On Mar 10, 2004, at 5:27 PM, Rick DeNatale wrote:
I've taken the spamlist.org blacklist off of my server since the (I've been persuaded that it's just too harsh), and I've also removed the stearns.org blacklist, and Pyzor checks, and my scan times are down to 2-5 seconds, (usually), while my load averages are sitting under 1. What's odd is that once in a while I see a complete outlier- an 8K email took 71 seconds to scan, and another that took 47 seconds. The neighboring entries took under 8 seconds apiece.On Wed, 2004-03-10 at 08:12, Steve Yuroff wrote:
That's the first report I've had of the spamlist.org database bouncing mail from a legit source.
Are you saying that spamlist.org and the add-in rulesets I'm using are crap? They seemed to be useful, legit tools to me, but I'm here to learn. If it's to be avoided, I'm all for it.
My understanding was that the spamlist.org list would cut my processing
load at the MTA level... isn't it easier to not accept the mail, than
to accept it and then process it for ham/spam?
Unfortunately it seems that a log of ISPs are buying that line and just
using blacklists to reject e-mail outright. I hate spam, which is why
I've installed SA locally, and I'm sure that I'm doing a much better job
of filtering spam than my isp is.
Most of the blacklists claim that they have a very low false-positive
rate, but then most if not all warn against discarding mail based on the
BL alone. I first became aware of the isp/rbl problem when I tried to
trace down why yahoo groups was periodically suspending sending me mail
because I was bouncing it. The bounce history showed that my ISP was
giving hard bounces because the particular yahoo server was blacklisted
temporarily on spamcop.net. It was no use trying to convince my ISP that
they should not use an RBL to block mail, they LOVED the fact that the
load on their servers was reduced. The problem is that they had no way
of knowing whether or not the mail they were rejecting was in fact
legitimate.
More recently I've had more problems just trying to sign up for some support lists on sourceforge, because the registration confirmation email never got to me. I finally resorted to opening up my own MTA and got the email immediately via this back channel.
Using RBLs as one input to a filtering tool like SA might be a good
idea, but from what I'm seeing the growing trend towards using them to
block e-mails is a very bad one. I'm beginning to think that the USPS is
doing a better job of actually delivering my mail than a lot of ISPs do.
Sorry for the rant!
How can I determine why some messages take 10x longer to process than others? These messages seem to be only 1% of the traffic, but I just want to know what's so odd about them.
Thanks,
Steve.
