Re: What's with UCEPROTECT List?

[Marc Perkel]

Matt Kettler wrote: Marc Perkel wrote: Matt Kettler wrote: Marc Perkel wrote: I'm having problems with my spam filtering servers getting listed on UCEPROTECT and can't figure out why. Is anyone familiar with how this blacklist works and what I need to do to not get listed? They seem to hate sender verification - but I'm not going to give that up. What do you mean by "sender verification".. .you mean challenge-response systems (ie: TMDA)? Or do you mean systems that connect back durring the MAIL FROM: phase and merely validate an address exists without delivering mail? If you mean challenge-response systems, then in my opinon you're a spammer and belong in a blacklist. Sender Verification is an Exim trick. What it does is start a sequence where my server starts to send an email back to the sender address to see if it's a real email account. But I do a quit after the rctp to: command. If the receiving end says the user doesn't exist then I block the email. I don't know if other MTAs support sender verification but if they don't they should. It's a very good trick for blocking spam at connect time. That seems reasonable.. several ISPs do this now too (ie: verizon). Sendmail can do it with milter-sender too. That said, some folks still hate it because you're using some (very little) of their CPU and network to handle your spam. I personally think they're wound over-tight about it, but it can drive your IDS guy nuts. (IDS systems generally don't like sporadic seemingly useless connections, they look like someone trying to do slow recon.) I also don't think it really buys you that much, as most spam nowdays seems to use real deliverable addresses for the envelope. Do you have any stats on how well this works for you? I personally only do a MX (or implicit MX) check on the domain of the envelope sender. But it take a lot less CPU that it takes to run it through SA. I manage to classify 95% of incomming with Exim rules and I just run SA on the remaining 5%. So sender verification works for me. And I welcome it when others verify my domains. The bottom line is what uceprotect is doing sucks because they are blacklisting as spammers peoiple who are in the business of blocking spam. And when they are making that kind of mistake it really shows that their service is piss poor. If you run a blacklist and you can't tell the difference between a spammer and a spam filtering service then you suck. So - uceprotect - you suck! Can I say that here?