Martin Pool wrote:
If it was on any of the reputable blocking lists, I would not be able toOn15 Nov 2002, Tim Potter wrote:On Thu, Nov 14, 2002 at 09:05:27PM -0500, John E. Malmberg wrote:The SAMBA-TECHNICAL list reported that they have gone to the bl.spamcop.net blocking list, and it has been relatively spam free since then. The bl.spamcop.net is an aggressive blocking list with a quick trigger.We did start using spamcop for a while but there was way to much collateral damage inflicted on innocent parties. For example we missed several offers of free hosting for the samba.org main server.
And dp.samba.org (aka lists.samba.org) has an IP that is blacklisted by some people...
receive any of the SAMBA lists, and you would be getting the bounces.
QSL.NET uses aggressive spam blocking. It is in the terms of it's use.
I just checked on relays.osirus.com, and samspade.org. They show no listings.
IP-based blacklisting is too coarse a tool, and it makes it hard to make exceptions for people who really are not spammers, even if initially classified as such.I.P. based blocking has shown to be the only thing that motivates some
domains to act on abuse reports.
However, you can eliminate about 99% of spam with out using a blocking
list as aggressive as spamcop.
The http://relays.osirusoft.com/ is an aggregate of a number of block
lists, of various quality. Each list returns a different I.P. address
for a listing, so the SMTP server apparently can be configured to use
what ever level is needed.
And the bounce message can contain an alternate contact means such as a
web form if someone needs a white-listing.
Encompasserve.org uses MAPS and DUL, plus local blocking lists
maintained by the postmaster. It has a 99% spam free rate.
Most of the spam that gets through is from Open Proxies, and dial up
ranges that have not yet been listed.
As I stated before:
If you check the I.P. address that the spam came into the samba.lists
servers on, you will likely find that the spam came in on, and in this
order:
1. Open Proxies. - Rare to get a legitimate e-mail from these. To get
listed, means that the ISP is not acting on abuse reports.
Apparently MAPS is not listing these yet.
2. Dial-up equivalents, this is DHCP or modem lines. ISPs do not seem
to act on abuse reports for these claiming that they can not trace them,
so it has become standard procedure for most mail servers not to accept
any e-mail from them. Most Open Proxies are on dial-up equivalents.
These are listed in DULS, but some of the apparently free lists may be more accurate.
3. Open-Relays. Since spammers are mostly assuming these are blocked,
they are using open-proxies instead.
4. Known spam friendly domains. These are either countries that are
allowing large amounts of spam to be sent, or domains that are owned by
spamming operations. Once they discover your server, they will flood it
with spam until a block is placed on it.
So if someone is on those type of lists above, not being able to post to the samba mailing list is the least of their worries.
And if a hosting service is on a major blocking list for more than a week, it indicates that they are not acting on abuse reports, so are not a good choice
News reports say that spam has more than tripled in the last year, which seems anecdotally true. I think we're actually getting more accurate classification, it's just that the numbers are larger.QSL.NET went to aggressive spam blocking about two years ago. QSL.NET is a free e-mail and web and ftp site for Amateur Radio Operators, and runs entirely on donations.
Unlike home ISP users, a large enough outfit like QSL.NET pays by the killobyte for their Internet connectivity. And their measurements two years ago determined that over 30% of their operational costs were bandwidth charges were due to spam being sent to their members. That is why the blocks were put in place. If they used filtering there would be no cost avoidance.
This is also why the use of blocking lists are increasing. Cost avoidance. If QSL.NET is noticing these costs, you can bet that other ISPs are too.
I do not know if samba.org's bandwidth usage is high enough that to be billed by the killobyte, or if it is a flat rate.
Some time last fall apparently Korea passed an OPT-OUT with the equivalent of "ADV" in the headers law. Right after that, list that I subscribe to at a major university went from 2 spams a week to over 8 spams a day. 99% from Korea.
Now my spam is up that gets through both Encompasserve.org and qsl.net.
It is getting to almost an average of 1 a week, which is up from this last summer of 1 per month or less.
It is clear that just from the spam that I receive, spam is definitely up considerably. It is not just a case of better classifications.
And most of the spam that I get on my public addresses is addressed to a mailing list, not me directly.
I was off-line last week. There were 347 e-mail messages in my inbox.
After I parsed all of the spam through spamcop, there were only about 240 messages left.
Not very much spam came from any of the SAMBA.ORG lists, the majority came from a classic computer list, that does not appear to be blocking any of the Korean domains.
Of the spam that was sent to me directly instead of to a mailing list, there were only about 6 at the most. And I do not think that either postmaster is accepting e-mail from those I.P. addresses.
Now the other thing to consider is that when the filter makes a mistake and deletes a legitimate message, it is quite a while before the sender figures out, if at all that the message did not get through.
If the message is bounced, the sender knows immediately, and can use the alternate contact information, such as a web form to request a whitelisting. They also know that there is probably a problem with their ISP or with the particular block list, and they have the information needed to fix it.
And again, if someone is sending from an open-proxy, open-relay, or other known spam source, it is likely that not many other e-mail servers are accepting their e-mail.
And if a hosting service is being blocked by one of the major blocking lists, it is a good indication that any e-mail sent from them will not be widely accepted either.
So a web form can be used for when an I.P. address should be whitelisted, and a spam-assasin like filter can give you statistics to tell you if an address should be blocked.
Filtering makes spam your problem. Using a blocking list makes spam the problem of the ISP sending the spam. Eventually almost noone will accept e-mail from them, either from local blocking lists, or public ones.
-John
[EMAIL PROTECTED]
Personal Opinion Only
--
To unsubscribe or change options: http://lists.samba.org/mailman/listinfo/rsync
Before posting, read: http://www.tuxedo.org/~esr/faqs/smart-questions.html
