Mike Kenny wrote:
On 11/9/06, *Jim Maul* <[EMAIL PROTECTED] <mailto:[EMAIL PROTECTED]>> wrote:
I think pretty much everyone understand WHY people use these BLs. This
is not the point. The point is, its not a very good solution.
Is it even a solution? I guess that depends o nwhat the problem is. If
the problem is the volume of mail passing through the servers then I
suppose it is. The ultimate extrapolation of this is that in a perfect
world no mail would be allowed to pass through so that we can continue
to run our servers on 286s!
To me, a solution that in turn creates problems of it own, is not a
solution at all. It only shifts the problem elsewhere. Apparently,
thats good enough for many people out there.
Maybe I'm being naive but I thought the objectives were not to make live
easier for the mail administrator (though that would be nice) but to
ensure that the people who actually run the business (accountants, sales
staff, support engineers, CEOs, etc.) receive all relevant mail that is
sent to them and don't have to waste inordinate amounts of time wading
through spam. I see the first of these as being of signifcantly more
importance than the second.
Exactly my point. Users want 2 (at least!) things with email:
1. They want to receive all legitimate mail
2. They dont want spam
1. is extremely important and should NOT be compromised in any way by 2.
For example, to say that theres a trade off in that solving (2) in
any way affects (1) is just wrong. There should be no trade off. I'd
rather receive 1000 spams a day than miss 1 legit email and my boss agrees.
Blocking on content achieves the second of these, sorry if it now
requires more car and attention to keep that server running. Blocking on
the source IP address, purely because it may be dynamic or may have sent
spam some time in the past makes the first objective virtually
impossible to achieve.
Unless the spam vigilante sends a notification to the intended recipient
of every mail it has blocked so that they can check if this should have
been the action taken. This sort of defeats the second objective.
I am not against DNSBLs. What I would like to see is more honesty in how
they should they used. They are a tool, not a solution. Their web pages
should have a warning liek cigarette packs 'use of this service to block
rather than score emails can cause blindness, madness and bubonic
plague'. Too many of our users' destinations seem to be using these
sites as though they are infallible.
And all the people who recommend the blocking of mail based on these
lists are doing everyone a disservice - especially to those who dont
realize that these lists are, in fact, not 100% accurate. False
positives WILL happen.
Since it is the sender who is notified of the bounce, by our mail
server, not the recipient (who unknowingly sanctioned it) the problem is
placed at our doorstep to resolve.
mike
And i solve this problem by tagging the subject and passing the mail on
to the users mailbox. If they want to create a rule in their outlook or
whatever to send these tagged mails to the trash then that is THEIR
decision and if a legit message ends up in their trash they have no one
to blame but themselves. I clearly explain this to them when they ask
me to create the rule for them. I also suggest they browse through
their deleted items occasionally and check for false positives. If i
rejected their mail at the mta, there would be no notification that any
message even attempted to be delivered to them and they would have no
idea that there was even a problem. I guess some people are ok with
this, but I am not one of them.
-Jim
