I'm afraid what I have around it is anecdotal. However, if the topic is of interest I would highly recommend setting it up in SpamAssassin or something like that, with a 0 score. Use that to gather data on it. I don't think you'd find any false positives from doing so. I initially imported the L1 list to kickstart our RBL (mxrbl.com) and the only requests for removal of those initial IP sets were from people who were compromised and then fixed it, or from new IP owners reasonably denying connection to the previous owner (OVH cloud mostly).

Of the third parties I've brought in to augment my spam fighting, UCE L1 probably generated the least complaints. Even spamrats generates more user complaints, despite being fairly sane.

On 2023-05-22 14:29, Bill Cole via mailop wrote:

On 2023-05-22 at 12:01:52 UTC-0400 (Mon, 22 May 2023 11:01:52 -0500)
Jarland Donnell via mailop <jarl...@mxroute.com>
is rumored to have said:

I have not personally run into anyone using L3 or L2 in my experiences thus far. Their L1 list is what most, if anyone, would be subscribing to I would think. Their L1 list is actually really, really good.

Do you have any hard numbers on this? E.g. on marginal improvement it provides?

My checking of it is very limited, as I only check what makes it to my eyeballs, which is not influenced by UCEPROTECT. So when I check an IP, it's because multiple more trustworthy DNSBLs, SpamAssassin, and my own bespoke tactics have failed to identify spam. I see almost no matches.

On 2023-05-14 05:47, Slavko via mailop wrote:

Hi,

i read multiple times, from multiple sources about UCEPROTECT
BL, how it is suspicious, etc...

Recently i got notification from ShadowServer, that i am on
blacklist, in particular on UCEPROTECT-L2 BL, which AFAIK
blocks whole networks as anounced by ASN. Thus i was curious,
what happens around me.

Today UCEPROTECT reports 32 incidents for /22 net. We can
discuss if 32 is enough for blocking whole network block or
not, but OK -- 32 incidents is over their policy... But all these
32 incidents was generated by 1 (one) IP! In other words,
one IP is enough for UCEPROTECT to block whole /22 network.

Now i really can know how wrong is this BL (and no, i never
used it, i even removed it from my check script)...

I am not very interested in that list, nor in how bad that RBL
is, but i am curious: is someone (bigger than personal) using
it? Or do you know someone who is using it? What is/can be
the reason to use it?

thanks

_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop

Reply via email to