On Tue 20/Aug/2019 23:11:27 +0200 Michael Stone wrote: > On Tue, Aug 20, 2019 at 11:10:08PM +0300, Reco wrote: >> On Tue, Aug 20, 2019 at 03:45:31PM -0400, Michael Stone wrote: >>> On Tue, Aug 20, 2019 at 08:39:43PM +0300, Reco wrote: >>>> Unless a blacklist adds victims by AS number, a change of MTA's IP >>>> (hence the hosting) and an appropriate DNS reconfiguration is >>>> sufficient to sidestep it. >>> >>> And cause different issues, because you're no longer on an IP with an >>> established history. >> >> A blank slate. There's nothing wrong with it. > > Except that other anti-spam algorithms take into account how long a > domain has been around, and how long a specific IP has been in use for > that domain. (In order to try to counteract spammers doing exactly > what you're recommending in order to avoid IP based blocklists.)
Normally, change of IPs occurs every time you find a better ISP. >> Blacklists are called that for a reason, they do not block whole >> IPv4/IPv6 address space.> > Sure they do. Even in this thread you've heard people advocate > blocking entire countries. You seem to be arguing based on some > particular blacklist implementation without recognizing that other > recipients use other blacklists, some of which may even have policies > that you might think are idiotic. If you're trying to send an email to > someone whose provider implements idiotic policies, your assessment of > their policies is basically irrelevant. (Though it may eventually > encourage you to simply stop caring about whether the email gets > delivered.) Widely used domains usually adopt policies which grant decent deliverability. Hotmail users are obviously happy having every new contact's message delivered in their spam folder. I prefer a spam folder not having to be rummaged through —SA score ≥ 9. >>> You're also assuming that they're blocking by IP rather than domain, >>> which is quite bold assumption since the blacklist is a black box and >>> domain based blacklists most certainly exist. >> >> Haven't encountered one yet, but I trust you on this. > > As an example, see https://www.spamhaus.org/dbl/ and "RHSBL" These lists are used for content inspection. If a message contains a link to a bad web site, presumably inviting recipient to click on it, it is worth blocking it. That's a somewhat poor technique. M$ rewrites links so as to redirect them to a local proxy. Another approach is to use DNS RPZ. >>> Or, you're trying to send to someone who's blacklisting broad ranges >>> of IPs or ASs and you're just wasting your time changing IPs. Nothing >>> like find that out after going down that road. >> >> And that's where "hosting" comes into play. Blacklisting, say, whole >> Amazon AS is a little extreme, don't you think? > > See above. Also, there are certainly recipients who are more skeptical > of amazon IPs exactly because they're so easy to spin up. Also, amazon > themselves will ask questions if you start hopping IPs and asking for > PTRs on each of them for email delivery. > > Again, each of these things is usually surmountable, but rational > people eventually have to ask whether it's worth the effort vs > throwing in the towel and outsourcing to a first tier provider. It is true that many people turn to Gmail and similar services. The reasons why they do so are certainly complex, but I don't think getting out of blacklists holds a relevant position in the overall statistic. I, for one, never had this problem after 20+ years of running my own mail site. Best Ale
