> >>>> ... but who not to whitelist? > >>> > >>> the small guys. unfortunately, large ISPs like that have power in > >>> the > >>> number > >>> of users they have. in no way do I advocate defending that as a good > >>> thing, > >>> but the fact that this gives them an immense amount of power to do > >>> whatever > >>> they want regarding rfcs and whatnot remains a reality. smaller > >>> services are > >>> the only organizations who are going to actually be potentially moved > >>> to > >>> action by landing on one of these RBLs. when was the last time SORBS > >>> managed > >>> to change Hotmail's policies? > >> > >> Has SORBS ever really changed anyones policies? That's certainly not > >> what I use RBL's for. I couldn't give a rats posterior about whether > >> or not some spammer changes careers, or some mail server changes > >> configurations, or some ISP changes their appropriate use policies. > > > > It's too bad you have such a self-centered attitude about it. > > Me!? You're the one who presented the "when was the last time SORBS > ..." question as though it was some universal benchmark of RBL value.
Nope. The point that you entirely missed was that RBLs don't have much sway with services with huge numbers of users like Hotmail. Thus many of us cannot use RBLs on the front-line that block services like that. I never once said that SORBS et al. are useless, and did not reject their more lofty goals as irrelevant as you explicitly did. I, for one, enjoy the thought of people working together for goals outside of their own self-interest. > You're the one projecting their opinion onto other people here. I was How so? I can't believe you don't hear me when I say for the 100th time that services like ours that have a lot of users who expect to communicate with hotmail users cannot use an RBL in the MTA if it lists hotmail. The only projecting I've done is to assume (reasonably surely) that there are a lot of other admins/servcies in the same boat. > merely pointing out that it's not a universally relevant question to > determining the value of the RBL and who it chooses to block. An RBL is most certainly of less value *to our company* as a tool to be used in the MTA if it lists hotmail. Of course that is relevant. I'm still not saying that means they should change their approach -- I am, however, musing about how nice it'd be to have another RBL that worked mostly the same sans the hotmail listings. > >>>> And, it's not just that I don't think the RBL can do it, I don't > >>>> think > >>>> that kind of thing is the job of the RBL. I think that kind of > >>>> thing > >>>> is your job (or, in my case, it's my job). > >>> > >>> What's our job? Banning all of Hotmail? > >> > >> No. Your job is to tailor the tools you use so that they fit your > >> organization. > >> > >> SORBS job is to provide a list of sites that fit a particular > >> behavior. > >> > >> If you want there to be exceptions to that list, then it is YOUR job > >> to > >> make those exceptions, not theirs. > > > > Of course. Didn't you read the part of my post that started all this? > > Yes, I did. And I > > a) pointed out that such a service can't exist on anything approaching > a large scale (large enough to be worth running) because there is no > universal place to draw the cut-off for who to whitelist and who to not > whitelist, Most RBLs consist of some amount of listings based on subjective decisions. There is no reason that someone else can't start a list with this goal in mind. Dunno if it'd be popular or even successful, but I was musing. Allow one to muse, why dontcha. > b) that you can perform that service for yourself, by using their > blacklist as a starting point and trimming out those addresses that > match your whitelist, and then using that as your production list, And I said that I don't think it is desirable to place the onus of RBL maintenance onto all the sysadmins out there. > > Why are you so pissed off at ME for putting that out > > there? > > Who said anything about being pissed off? Your choice of words intone more than just arguing a point, the most obvious being asking if I know what a cron job is. Give me a break. > Though, you clearly don't get what I'm saying, so it does make the > conversation rather pointless. That's what I mean. Of course I understand your point, and I am explaining somewhat repetitively the parts I don't think you are addressing accurately. > >> that you quoted ... it is performed by a script. I do no such manual > >> thing. I get an email every few hours that tells me what happened, I > >> scan it for references to networks that I am responsible for, and it > >> tells me "yes, I removed all of those networks from our copy of the > >> RBL > >> zone". Then I put the zone into production on my own name servers, so > >> that I never see those sites showing up as RBL'ed. > > > > My point was that generally pulling apart RBL functionality and > > placing part > > of the onus of managing it back on the admin's plate is not going to be > > something that goes over well, even if you have a nifty script that > > works > > with one RBL. Sorry you missed it. > > a) I'm not altering RBL functionality in any way; I am altering a data > feed You are managing RBL functionality as the process that uses it sees things. Manipulating RBL data is part of RBL funcionality in general as I see it. Just as you don't see the RBL I dream of as viable, I don't see your approach gaining wide acceptance either. > >>>> Here at UCSC, we use spamhaus (both SBL and XBL). In order to make > >>>> sure my own users/customers don't get blacklisted, I have a cron job > >>>> that: > >>>> > >>>> a) use rsync to get a local copy of the zones. > >>>> b) grep the files to notify me if any of my own addresses are > >>>> listed, > >>>> so that I can follow up on why. > >>>> c) grep -v the files to remove any of those addresses from the zone. > >>>> d) takes the end result and puts it into a place where my name > >>>> servers > >>>> will pick it up. > >> > >> See. Automation at work. Computers are useful that way. > > > > Yah let us know when you've scripted a way to brush your teeth too. I > > just > > don't get this cron thing. > > What do you not get? How you make it brush your teeth. Did you add some hands and feet to the cron? > >>>> Alternately, you could create a set of rules that counter-weights > >>>> the > >>>> spam assassin results for those RBL checks, if they happen to be IP > >>>> addresses you need to hear from. > >>> > >>> I actually don't think it's much of a problem if such mails get > >>> tagged > >>> as > >>> spam. The user can then adjust their SA settings. The problem is > >>> when the > >>> mail can't get to the mailbox at all. > >> > >> Ah, you see, in my environment, there's no difference there. We do > >> deliver all spam, but it seems that "users checking their spam > >> folders" > >> is almost unheard of around here. > > > > Woa. This thread, from the start, has been about using SORBS as a RBL > > in the > > MTA to *block mails*, NOT using it for SA scoring, which is where we > > will > > continue to use it. > > Pardon, I mispoke right there. We do both. We do RBL blocking at the > MTA, and RBL checks in SA (in case an earlier hop than the immediate > relay had been RBL'ed). But, once it gets to SA, we deliver all -- we > don't bounce/reject/discard at the SA stage So we circle back to the start: you apparently have a utopian user community that does not have any need to correspond with hotmail users. For the rest of us, SORBS can't be used in the MTA if it blocks Hotmail. Too bad - really too bad. And to that, you say if I care, I should pull out the Hotmail listings before I toss it to the MTA. The last thing I want to do is personally manage Hotmail's IP addresses locally. So we remove SORBS from the MTA and we still dream of a SORBS-like RBL without Hotmail listings. __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
