Exactly the point I was making.
I don't use ISP filtering either.
I don't recommend it.
I/we use my/our own mail servers (one at home for my home domain, and another at my job) I surely would not trust filtering that I could not control to some extent. If something shows up being blocked that should not be (which is VERY rare in my expoerience) I want the ability to see the rejection on the server, the ability to whitelist by IP, etc.
These are your value judgements. Do not try to impose them upon others unless you are willing for them to impose theirs upon you.
I have slightly different values. I deplore dropped email, and deliberately turn my ISPs filters off. I'd rather get
100 spam than lose one legit email. Some email still gets dropped (SMTP timeouts, I suspect)If you really want filtering, subscribe to AOL.
-- Robert
I run several mail servers. I use blacklists with them. But I use the lists I use for very specific reasons. It's my server, my choice.
They also seem to go through a life-cycle. Grow up good and popular, then eventually go activist, corrupted by power. And die.
I'm not sure this is true. I believe AOL has fairly rigid and
Not that I approve of blacklists, but I suppose it is a ratio thing. Anyone sending out too high a proportion of spam to legit email over some observation period "makes the cut" and gets on the list.
-- Robert
No. In this day and age no server should send bounce messages ever, for any reason!
The 5xx error message the sever generates should be enough for the sender to know there is a problem.
Good against dictionary attacks, but the trap address has to remain secret and rotated or it is subject to DoS.
Why not? I do it all the time. Partly for reliability, partly to avoid email being controlled through approved senders.
They should still end bounce messages.
-- Robert
I don't see much coming from AOL. I see frequent 419 scam mails from hotmail and yahoo. Two from hotmail hit my spamtrap mailboxes this morning.
How would you feel if your mail server (and leased static IPs) had NEVER sent spam, yet, you were blacklisted because the list keeper had an issue with your ISP, and blacklisted the ISPs whole block of addresses. Some of which the ISP had leased to you?
That is one of my problems.
Running a secure well configured spam-free mail server is not enough. You've got to get over the blacklist owners grudge against your ISP. Even when the ISP is NOT HANDLING YOUR MAIL. Call that "accurate"? I don't.
-Frank
Yup. Agreed. I was imprecise as well. Receiving MTA should NOT send bounce, senders MTA sending a bounce is not that bad as long as it is not an open relay and only accepts "from" addresses from it's domain.
If the server allows "return path:" to be spoofed, and some user starts spewing viruses or winds up zobied and spewing spam to the server, the bounces go to the forged reurn path. Not good.
What drives me crazy is relaying, where the relay accepts EVEYTHING and then sneds a bounce if the mail cannot be delivered to the final destination. The backscatter from that when a spam run hits it...
It would largely depend upon the legitimacy of the issue. If the issue was legitimate, and the ISP didn't handle it well, I'd be mad at my ISP. If the issue was bogus or the blacklist didn't handle it well, I'd be mad at the blacklist.
With the blacklists that matter, this type of issue has, in my exeperience, largely been the case of a policy difference between the ISP and the blacklist. That is, the ISP believes its policy is legitimate and the blacklist does not. Remember, it's the purpose of the blacklist to list those ISPs whose policies are not legitimate in its judgment. As long as it is enforing the policies it claims to be enforcing, the blacklist is doing its job, relaying accurate information.
It really depends if it is just a grudge or a legitimate complaint. A blacklist is only as good as its reputation for accuracy. A blacklist nobody uses can't hurt you at all, and the only reason someone uses a blacklist is because it has a reputation for accuracy. (Unless they're stupid and just choose blacklists randomly, in which chase they have every right to DoS themselves if they want to.)
DS
Agreed with respect to the receiver MTA. I was being imprecise.
Yes, and the sender's MTA can send the user a bounce msg if they choose to.
-- Robert
Well, when that happened to me I demanded the ISP terminate the offending accounts that had generated the complaints. When a couple days went by and I saw the idiots were still up, I switched to another ISP.
What list were/are you on?
Did this happen before or after the IP block became yours? If your ISP had blocks listed before you signed up, you have no-one to blame but yourself.
In any event, getting delisted from most major lists is not hard if the ISP does what it should.
No. Running a secure well configured spam-free mail server from an ISP that does not harbor spammers is enough. That last part is critical.
The lists that do that don't claim to be lists of spammers. They claim to be lists of spam friendly sources -- ie: isps that do not nuke spammers in a timely fashion, or allow ROKSO listed people to get accounts, or host websites advertised in spam, etc. People who use these lists would seem to agree this is a GODD thing to block (people like me, for instance)
senders MTA should only send bounces for mail that it sent. And as you correctly point out, not to a return path other than from whence it would accept mail.
Open relays are bad. Bad. Bad. Bad. A leftover from the days of bang path addressing.
-- Robert
Entirely true. The blacklist operator is using you to pressure your ISP. Some people think that's fair. Others don't. Too much of this [legit mail blocked], and people stop using the blacklist.
A buddy at a local firm lost a big email contract award in a three day-old blacklist. It was banished in a big hurry.
-- Robert
I agree with all but the part about hosting websites advertised in spam. It is almost never possible to determine that the web site had any connection to the spam and joe jobs are common.
DS
I'm not on any of 'em anymore. However, I was on about 15 of 144 at one time. I finally got myself removed from every one (just rechecked). So, what am I going on about? It just pisses me off that someone can get caught up in this deal after PURCHASING (as in BUYING FOR HARD CASH) IP addresses to use, and then be punished because someone doesn't like the practices of the ISP you bought them from. Especially, in my case, since I purchased the IPs directly from a damn backbone carrier (QWEST). A huge block of Qwest owned IP were blocked. So, when they leased them out to someone like me who handles their own mail, they were already blacklisted.
I actually finally got removed from all the blacklists communicating directly with the respective blacklist keepers. But since I never sent any spam, it just pisses me off I had to do this. I would guess that a ton of people don't even know HOW to deal with these blacklist keepers.
Having said that, I will admit that many of 'em do a pretty good job of providing info on why your IP was blacklisted (notice I didn't say "why YOU were blacklisted" - It's all just a numbers game and depends on what ISP owns what numbered IPs a lot of times). When they are later leased out to you, you pay the penalty for any real or perceived ISP indiscretions.
Okay, I'm done venting. I still think the whole blacklist thing is archaic. I don't use them in my server. Instead I use a weighted spam identification method that is included with my server. Works well for me. It evaluates emails on an individual basis, not just on an IP basis.
-Frank
A blacklist is just another factor that you could or might weigh when making the decision of whether to accept a mail or not.
If you used blacklists, you could either:
A) Reject fewer valid emails, or
B) Accept less spam.
This is true unless you think an email from a blacklisted server is just as likely to be spam as an email from a non-blacklisted server. Do you really believe that?
DS
That is mathematically impossible unless you believe that an email from a server in a blacklist is more likely to be spam than an email from a server that's not. For any blacklist where that was so, you wouldn't use the blacklist.
I don't think you understand what I'm saying. I'm saying that you have elected to reject spam using a statistical scheme. You will reject some percentage of valid email and you will accept some percentage of spam. I'm saying that with a blacklist, you could improve those percentages.
You aren't reading what I'm saying. I never said anything about blocking a server entirely.
DS
You forgot C) Or reject more valid emails.
And I think B) should be: Accept less email from servers that could POTENTIALLY have spam. Anytime you accept less email from any server you reduce the potential spam. We need a balance :)
I believe there is a big problem with your (apparent) philosophy. That is, just because a server was once used to send spam does not mean that 100 percent of that servers offerings in the future are going to be spam. So, what's the percentage? 10/90? 50/50? 90/10? Either way, by blocking a server entirely you ARE going to lose valid emails.
-Frank
Let me elobrate - It's servers that host spam advertized websites that remain up after the provider has been LARTed a few times, but refuses to do anything.
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.