Sam,
thank you for the clear explanation, I suggest you to put this in
your faq.
I created a survey if you think it could be interesting.
http://www.polldaddy.com/s/CB9E7E84DD0817C3/
Ciao
Paolo
Il giorno 26 gen 2008, alle ore 00:49, Sam Clippinger ha scritto:
RBLs and RHSBLs work differently. RBLs list the IP addresses of
machines, RHSBLs list the domain names.
Advantages of RBLs: they can list IP addresses of machines without
rDNS
names, they can list whole blocks of IP addresses that may host many
different domain names, a listed IP address will remain blocked
even if
the domain name changes, they can be checked very quickly when the
remote server first connects. Disadvantages of RBLs: spammers tend to
move their servers a lot so RBL listings can quickly become outdated,
one IP address can host many domains and blocking them all may not
be fair.
Advantages of RHSBLs: all listed domains are blocked no matter what IP
addresses they use, the sender's email domain name can be checked in
addition to the server's IP address. Disadvantages of RHSBLs: more
network activity is required before the RHSBL can be checked, spammers
tend to change their domain names a lot so RHSBL listings can quickly
become outdated.
Disadvantage of both: when using a list maintained by someone else,
your
mail is at the mercy of their policies. Blacklists are not silver
bullets. Every list operator has different rules for being listed and
delisted. Some are more lenient than others. For example, some
operators require a server to send multiple spams to a honeypot
address
before they will be listed. Others require only one. Some operators
will delist anyone who asks (and relist them if they re-offend).
Others
require lengthy processes, including monetary payment. Before you
use a
list, you should read their policies very carefully and do some basic
searches for complaints against them (not all operators follow their
written policies). Blacklist operators have been known to list huge
blocks of IP addresses in attempts to pressure ISPs to cancel
spammers'
accounts. You must be sure you are willing to be part of those
actions.
In other words, the list operator is only responsible for the
list. You
are responsible for your mail server.
As to the risk of false positives, every filter can incorrectly reject
legitimate email. Every administrator must experiment to determine
how
many rejections they are comfortable with.
Personally, on my server, I use all four of the filters you mentioned
(and more). For me, the most problematic is "reject-unresolvable-
rdns"
but I'm willing to whitelist the few legitimate senders that are
incorrectly blocked. I feel the benefit outweighs the inconvenience;
that's my decision to make.
-- Sam Clippinger
Paolo wrote:
Hello everybody,
I hope this is not a FAQ , I'd like to know if there is some
reason to
prefer rbl to rhsbl .
Wouldn't it be nice to write down a list of options with
explained how
much is the risk of rejecting good mail ?
for example in my configuration I've not enabled these options and
would
like to know if they could generate many false positive:
reject-empty-rdns
reject-missing-sender-mx
reject-unresolvable-rdns
reject-ip-in-cc-rdns
Maybe it could be useful to make a survey of people's enabled options
and most used rbl ?
Thank you
Ciao
Paolo
---------------------------------------------------------------------
---
_______________________________________________
spamdyke-users mailing list
[email protected]
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
_______________________________________________
spamdyke-users mailing list
[email protected]
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
_______________________________________________
spamdyke-users mailing list
[email protected]
http://www.spamdyke.org/mailman/listinfo/spamdyke-users
