On Nov 28, 2004, at 8:35 PM, Bob Amen wrote:
John Rudd wrote:
On Nov 28, 2004, at 9:00 AM, Bob Amen wrote:
It's very depressing and getting worse, according to my mail servers' statistics.
Hm. My mail servers' stats say it's getting better. For example, at home, I think I've only actually seen 1 spam message in the last month. I think 4 or 5 more got caught by spam assassin. And the rest are all filtered out by an aggressive greet delay, connection rate control, and spamhaus. At work, in the last month, we've cut our spam rates by about 90%.
And you said "an aggressive greet delay." I tried that and found too many false positives with legitimate mail servers that are poorly configured. The only recourse for those false positives is another means of communication (eg. telephone).
What time frame were you looking at it? I had one false positive back when it was still experimental (before Sendmail had implemented it), from mac.com. I filed a bug with apple, and an employee there, that I knew, made sure it was fixed before she left to become a full time mom.
I'm aware of a problem with verizon's callback feature, for which I make an exception (in the form of a lower delay than their callback's timeout). That's my intended means of handling problem sites.
I haven't heard directly about any other problem sites, but during that same experimental stage I saw one or two odd behaviors from prodigy, but wasn't able to nail it down to being greet delay related ... and I haven't seen it since.
Where were you seeing false positives?
Don't blame me and the other mail server admins if you can't get mail to our systems because you are sending from a machine on a DSL modem. Blame the spammers and those that buy from them!
Sorry, but that's a complete cop-out BS statement. The culpability of those who support spam is not a magic pardon for all anti-spam ends to justify their means.
That's not what I was saying.
It may not be what you intended to say (though the rest of your message still sounds that way to me), but it is what the wording of your message says. "It's not my fault your message got blocked when I decided to deploy blacklists".
Yes, it is your fault. You chose to use blacklists. No one else made that choice (well, ok, maybe your boss did, but the point is the same). I'm not saying it's the wrong decision, or that it isn't the best practical decision, I'm saying that the reason their legitimate messages get blocked IS because you chose to use a blacklist. Trying to rationalize it by talking about the larger spam war, saying that "they made me do it because of their actions" IS passing the buck (it's also amazingly like "I hit him because he hit me first" -- the actions of "him" don't change the fact that the speaker hit him too). No matter how you feel about the decision on the practical level, on the literal level, the spammers did NOT force you to do it, you did it of your own free will. Period.
I'm not saying you should be ashamed of it, or even apologize for it ... far from it, I'm proud to use the blacklists I use, and so should you. We've selected tools that we feel make the right trade-off between practical need and collateral loss. But don't then undermine your own decision by then saying "oh, I did it because of the big mean spammers, so don't blame me that your message bounced". Don't disrespect those people caught in your collateral damage by denying that that's what you've done.
Stand up and say "I'm the reason your message bounced, because I'm protecting my system and my users from abuse by people who are abusing loop-holes in some mail systems; you can avoid being caught by it by following some best-practices." While the message about the bounced-user's activities is the same, it avoids the passing-the-buck nature that IS present in your original message.
