Re: [SLUG] SPAM blackhole lists?

From: R P Herrold (herrold@owlriver.com)
Date: Mon Jan 14 2002 - 22:48:35 EST


On Mon, 14 Jan 2002, Bill Triplett wrote:

> I was wondering if anyone is using any of those anti-spam relay
> blacklist features[1] to block spam. If so, which one and what kind of
> results are you seeing? Are there a lot of false positives?

I use several and am very active with orbz -- I may be reached
through herrold@orbz.org, for example -- one of three working
'real' email addresses in that domain, I believe, at the time
I was afforded that courtesy by the Admin at ORBZ.

That mailing list is quite good -- Russell Nelson (of Crynwr
drivers fame) fought it out there over the weekend. Hard core
spammers try to convert the RBL'ers there as well.

I offered an extended technical proposal for greatly speeding
RBL filtering with checking on ALL hops, rather than just the
LAST hop, over the weekend as well:

    http://www.orbz.org/list.cgi?mss:1100:200201:mnbjgdfcfolejabghgff

Orbz has ZERO false positives -- ZERO -- for every listing is
backed up with a piece from the ORBZ tester.

As to your question, see:
    http://www.orbz.org/list.cgi?mss:1120:200201:killgealghdpcjljpcgf

which states in part, answering a similar question:
 
... I run automated processes which harvest and submit to ORBZ
and another testing blocklist the IP of every mailserver which
has had a piece of mail pass through it which is eventually
offered to any of 7 primary, geographically [diverse]
mailserver clusters I admin, handling a couple 100k pieces a
day, in aggregate.

... and submit _every_ IP to orbz.

The more people who use orbz or a competitive RBL, the more
likely the owner of an open relay will have a customer's mail
bounced. The more bounces in the hand of end customers, the
less the admin of the open relay can stay in denial.

The only way to stay off the OR blocklists -- is to not run an
open relay.

-----------------snippet ends ----------------------

> If you aren't using one, and there is a specific reason or bad
> experience with them, I'd really like to hear about that.

Between 20% and 40% of my mail load transits through open
relays -- and most of that is spam. Pure and simple. A
correspondent can clean up their act, find a new ISP, or I'll
do without corresponding with them. ... but some may consider
me unreasonable.
 
> We're moving our company mail server from Eudora Internet Mail Server
> (on a Mac) to linux, and I'd like to take advantage of some of the
> features that this move opens up.

My sendmail.mc is somewhat complex, but it is amazingly good.
I maintain a tools page at:

   ftp://ftp.owlriver.com at /pub/local/ORC/rblcheck/

which includes a command line tool rblcheck to permit
one-off testing of IP's.

-- Russ Herrold
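
An added example, not part of the original post and not the linked proposal or the rblcheck tool: a minimal sketch of checking every hop in a message's Received: chain against a DNS blocklist, rather than only the last hop. The zone `dnsbl.example`, the sample headers and all function names are assumptions made for illustration.

```python
import ipaddress
import re
import socket

DNSBL_ZONE = "dnsbl.example"  # placeholder zone (assumption), not a real blocklist
LOCAL_NETS = [ipaddress.ip_network(n) for n in
              ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

# Constructed sample headers, newest hop first, as they appear in a message.
SAMPLE_HEADERS = """\
Received: from mx.recipient.example (mx.recipient.example [10.0.0.5])
\tby mail.recipient.example with ESMTP; Mon, 14 Jan 2002 22:40:01 -0500
Received: from relay.middle.example (relay.middle.example [192.0.2.25])
\tby mx.recipient.example with ESMTP; Mon, 14 Jan 2002 22:39:58 -0500
Received: from dialup.sender.example (unknown [198.51.100.7])
\tby relay.middle.example with SMTP; Mon, 14 Jan 2002 22:39:50 -0500
Subject: constructed test message
"""

def hop_ips(headers):
    """Return the IPv4 address of every non-local Received: hop, in header order."""
    unfolded = re.sub(r"\r?\n[ \t]+", " ", headers)  # join folded header lines
    ips = []
    for line in unfolded.splitlines():
        if not line.lower().startswith("received:"):
            continue
        for text in re.findall(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", line):
            try:
                ip = ipaddress.IPv4Address(text)
            except ValueError:
                continue  # bracketed text that is not a valid address
            if str(ip) not in ips and not any(ip in net for net in LOCAL_NETS):
                ips.append(str(ip))
    return ips

def query_name(ip, zone=DNSBL_ZONE):
    """DNSBL convention: reverse the octets and append the list's zone."""
    return ".".join(reversed(ip.split("."))) + "." + zone

def listed_hops(headers, resolver=socket.gethostbyname, zone=DNSBL_ZONE):
    """Return the hops for which the blocklist answers with a 127.x.x.x record."""
    hits = []
    for ip in hop_ips(headers):
        try:
            answer = resolver(query_name(ip, zone))
        except OSError:  # NXDOMAIN or lookup failure: treat as not listed
            continue
        if answer.startswith("127."):
            hits.append(ip)
    return hits
```

Received: lines below the first hop your own servers added can be forged by the sender, so a hit on a deeper hop is weaker evidence than a hit on the connecting IP.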



This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 18:56:04 EDT