On 12/27/2012 9:17 AM, mouss wrote: > Le 27/12/2012 04:05, Stan Hoeppner a écrit : >> On 12/26/2012 6:19 PM, Noel Jones wrote: >>> On 12/26/2012 4:52 PM, Stan Hoeppner wrote: >>>> On 12/24/2012 4:57 PM, Noel Jones wrote: >>>> >>>>> Opinions differ on psbl.surriel and barracudacentral, >>>>> but they are frequently used in scoring rather than outright. A >>>>> site listed on two of these three is likely spam, a site listed on >>>>> only one of them is questionable. >>>> Nonsense. The mere fact that a listing on one DNSBL is absent on others >>> >>> Glad it works for you at your sites, I use them too. >>> >>> As with all third-party blacklists (and whitelists!) each sysop >>> should make their own decision about who to hand the keys to. When >>> giving advice to others knowing next to nothing about their local >>> policy, it would be foolish to be anything but conservative. >> Yes, conservative. Note my last response in this thread which contained >> this instruction with my scoring recommendation: test first >> > > unfortunately, testing isn't enough. things keep changing: > - DNSBL listings change. > - sites situation changes > - new sites appear > ... > > when I first tested BRBL, I found it safe for outright rejection. but > this didn't last. > I also added local rules, which worked for a long time, but many of > these rules proved unsafe.
mouss, what you and Noel are failing to take into account is that Alex sells anti spam appliance boxes for a living. He has boxen at sites with enough volume to require a Spamhaus pay license (the commercial aspect of his boxen not withstanding). My recommendations to him are based on the fact that he (should have) some requisite knowledge and experience with DNSBL usage and general mail admin experience above noob level. Thus I was giving him quick 'n dirty instruction with sparse caveats/reminders, not the step by step stuff with lengthy explanations designed to educate noob admins to keep them from shooting themselves in the foot. I.e. he would perform a little due diligence on the information I provided before jumping in with both feet. Using DNSBLs always has a small amount of FP risk, whether configured for direct rejection or scoring. Scoring mitigates FP risk but it does not eliminate it entirely. So we can go round 'n round about the best/proper/safest way to use a DNBBL, but at the end of the day, yes, it is up to the individual admin to decide how to best use them. Which is why, in this case, I gave an assumed to be experienced admin, selling commercial solutions, the aggressive approach with the testing reminder and the assumption he knew what he was doing. If I made a mistake here, it wasn't my recommendation per se, but was my assessment/understanding of the OP's knowledge/experience level based on his business, and interaction with him both on, and extensively off, this list. No offense intended here toward Alex. -- Stan
