I'm afraid what I have around it is anecdotal. However, if the topic is
of interest I would highly recommend setting it up in SpamAssassin or
something like that, with a 0 score. Use that to gather data on it. I
don't think you'd find any false positives from doing so. I initially
imported the L1 list to kickstart our RBL (mxrbl.com) and the only
requests for removal of those initial IP sets were from people who were
compromised and then fixed it, or from new IP owners reasonably denying
connection to the previous owner (OVH cloud mostly).
Of the third parties I've brought in to augment my spam fighting, UCE L1
probably generated the least complaints. Even spamrats generates more
user complaints, despite being fairly sane.
On 2023-05-22 14:29, Bill Cole via mailop wrote:
On 2023-05-22 at 12:01:52 UTC-0400 (Mon, 22 May 2023 11:01:52 -0500)
Jarland Donnell via mailop <jarl...@mxroute.com>
is rumored to have said:
I have not personally run into anyone using L3 or L2 in my experiences
thus far. Their L1 list is what most, if anyone, would be subscribing
to I would think. Their L1 list is actually really, really good.
Do you have any hard numbers on this? E.g. on marginal improvement it
provides?
My checking of it is very limited, as I only check what makes it to my
eyeballs, which is not influenced by UCEPROTECT. So when I check an
IP, it's because multiple more trustworthy DNSBLs, SpamAssassin, and my
own bespoke tactics have failed to identify spam. I see almost no
matches.
On 2023-05-14 05:47, Slavko via mailop wrote:
Hi,
i read multiple times, from multiple sources about UCEPROTECT
BL, how it is suspicious, etc...
Recently i got notification from ShadowServer, that i am on
blacklist, in particular on UCEPROTECT-L2 BL, which AFAIK
blocks whole networks as anounced by ASN. Thus i was curious,
what happens around me.
Today UCEPROTECT reports 32 incidents for /22 net. We can
discuss if 32 is enough for blocking whole network block or
not, but OK -- 32 incidents is over their policy... But all these
32 incidents was generated by 1 (one) IP! In other words,
one IP is enough for UCEPROTECT to block whole /22 network.
Now i really can know how wrong is this BL (and no, i never
used it, i even removed it from my check script)...
I am not very interested in that list, nor in how bad that RBL
is, but i am curious: is someone (bigger than personal) using
it? Or do you know someone who is using it? What is/can be
the reason to use it?
thanks
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop