J.D. Falk wrote:
By the by, I think I posted on this list a while ago on a similar question, as
to whether we could really trust *any* whitelists, as they simply made for a
*deliberate* target of botnet owners. No one made a fuss about it before, but
what about now? Maybe, once again, the flaw is in having a whitelisting system
that relies upon third party servers with unknown security.
We're EXTREMELY concerned about this as well, and we've got a 24x7 operations
staff keeping an eye on things. That's one of the reasons we charge money for
the service: it lets us buy hardware and software and hire staff to keep it
running smoothly, and securely.
I don't trust returnpath, and i have disabled their lists. The reason
being that shiny marketing websites don't convince me at all
I don't know if they're good or bad, and i have no data to prove
anything, neither do i trust any external data. In my eyes they're
simple a comercial entitiy whichs purposes are unclear to my uneducated
eyes.
Personaly i like the simple "hey we're having these policies and here's
a list you can use if you agree" kind, most blacklists are about.
Also i don't trust people who make up charts.
Honestly, if you want to convince people to run your lists, think about
the thousand of small scale systems out there, that don't bother to look
behind your shiny. I understand why no one is willing to report abusers
to your list. I searched 4 minutes, and couldnt find an abuse link at
all. I'm a lazy bastard easily scared away by suits and huge colorful
creep, and i might not be alone with that.
--
Arvid
Asgaard Technologies
