I agree with Slavko here. Uceprotect must not be used to block spammers as it wrongly list entire block that includes legitimate sender in it, for the sole purpose that some spammers are in that block.
But to get circle back at email forwarding and Gmail issues, there is one point that bothers me with ARC and I'd like that someone could tell me that I'm wrong (with valid arguments, of course). ARC tells the receiver party that the sender is not the original one, but that sender signed the previous state of AR headers (SPF, DKIM and DMARC state), which they now somehow broke but "it's okay because the original source was different". Now, if I'm a bad person, I can easily create fake previous headers that looks like it's coming from, say, the IRS, and say that it's passing the SPF and DMARC with great success. I would sign my ARC with my domain, which I control, and in theory, the receiving party would receive an email from me, supposedly originated from the IRS with valid SPF and DMARC because I told so, and signed it ? This would work if you could trust me in that scenario, but how can you? I'm definitely opposed on building a (white) list of allowed domains, as it would give even more power to the big ones (you'd certainly include GAFAM in it) and gives nearly an impossible state for all the small ones, or the new ones. If you exclude that whitelisting, ARC (for validating) is absolutely useless. Am I wrong? Le ven. 9 févr. 2024 à 08:03, Slavko via mailop <mailop@mailop.org> a écrit : > Dňa 9. februára 2024 6:11:29 UTC používateľ Marco Moock via mailop < > mailop@mailop.org> napísal: > > >dnsbl exists and some lists (e.g. uceprotect L3) entirely list ISPs > >that have a huge amount of spammers in their network. > >The more servers that block those ISPs, the less customers will use > >them for mail. > > No, that is wrong understanding of UCEPROTECT's L2 & L3, > they are for signaling to ISPs, that something is wrong in their > network(s). > > As i prove some months ago, L2 listed whole /22 block due > 4 or 7 (i don't remember exactly, you can search archive) issues. > Do you consider that as huge? I don't... > > But yes, using its L2/L3 to reject will solve all your issues with > incoming mails and you save a lot of disk space :-D > > regards > > > -- > Slavko > https://www.slavino.sk/ > _______________________________________________ > mailop mailing list > mailop@mailop.org > https://list.mailop.org/listinfo/mailop >
_______________________________________________ mailop mailing list mailop@mailop.org https://list.mailop.org/listinfo/mailop
