bogus blacklists - Debian

This is a discussion on bogus blacklists - Debian ; www.dnsstuff.com says don't use: > BLARSBL, FIVETENIGNORE, FIVETENSRC, JAMMDNSBL, SPAMBAG, SPEWS > (these block large IP ranges) > MAPS-DUL, SORBS-DUHL > (these knowingly list IPs that do not meet listing criteria). I inherited some IP space listed at five-ten and ...

+ Reply to Thread
Results 1 to 5 of 5

Thread: bogus blacklists

  1. bogus blacklists

    www.dnsstuff.com says don't use:

    > BLARSBL, FIVETENIGNORE, FIVETENSRC, JAMMDNSBL, SPAMBAG, SPEWS
    > (these block large IP ranges)


    > MAPS-DUL, SORBS-DUHL
    > (these knowingly list IPs that do not meet listing criteria).


    I inherited some IP space listed at five-ten and blars, but nowhere
    else. Anyone using them?

  2. Re: bogus blacklists

    No one in their right mind would block using BLARS, SPEWS, or the FIVETEN*
    block lists, at least not in a commercial setting where receiving email
    consistantly is important. You could certainly use them as part of a scoring
    system like Spamassassin. And on a private email server, well, you can block
    the whole world and it wouldn't matter, the only person losing email is
    yourself.

    Spamhaus tends to be rather good, and their XBL/CBL block list is quite
    effective. Not many false positives, and collateral damage tends to be kept
    to a minimum. So it is good for commerical/work settings.

    Even the generally effective Spamcop should really only be used in a scoring
    system, not outright blocking, because we've seen cases where IPs are
    reported by just 1 or 2 users and already it causes that IP to be blocked,
    so sometimes it doesn't take much for a relatively high volume ISP email
    server to get blocked accidentally by people reporting spam. I think they
    change their algorithms every now and then, so maybe they have changed the
    above behaviour recently.

    I like using actively maintained lists, rather than ones that tend to get
    stale quite quickly... and ones that aren't anal and say you need to
    "donate" $50, $100, $1000 to them to remove a listing, especially ones that
    want to charge you even if THEY made the mistake! I've never been in any of
    these "charge you" lists, but i can imagine that if you were in one, what
    kind of hell you'd have to get out.

    ----- Original Message -----
    From: "John Kelly"
    To:
    Sent: Thursday, July 20, 2006 10:15 PM
    Subject: bogus blacklists


    www.dnsstuff.com says don't use:

    > BLARSBL, FIVETENIGNORE, FIVETENSRC, JAMMDNSBL, SPAMBAG, SPEWS
    > (these block large IP ranges)


    > MAPS-DUL, SORBS-DUHL
    > (these knowingly list IPs that do not meet listing criteria).


    I inherited some IP space listed at five-ten and blars, but nowhere
    else. Anyone using them?




    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  3. Re: bogus blacklists

    torsdag 20 juli 2006 16:15 skrev John Kelly:
    > www.dnsstuff.com says don't use:
    >
    > > BLARSBL, FIVETENIGNORE, FIVETENSRC, JAMMDNSBL, SPAMBAG, SPEWS
    > > (these block large IP ranges)

    >
    > > MAPS-DUL, SORBS-DUHL
    > > (these knowingly list IPs that do not meet listing criteria).

    >
    > I inherited some IP space listed at five-ten and blars, but nowhere
    > else. Anyone using them?
    >
    >
    >


    Nope, but i had some problems with Blars at my last job. Generally, sending
    the blocking admin a link to Blars home page (http://www.blars.org/blars.html
    and http://www.blars.org/errors/block.html) would make them stop using that
    list. Check out his photo I can't belive there is any serious admin who
    would continue to use his list after reading what he charges to get you
    delisted, or his criteria for blocking. I'm not even sure he's for real...

    I'm not really informed about the other ones, but a quick check on fiveten and
    spews make them look really bad for general use. Why can't people actually
    read the conditions of blacklists before using them?

    regards
    Andreas Wettergren

    Support
    Tel: 0752-40 10 05
    _____________________________________________
    www.rit.se - rit ab - E-mail:andreas@rit.se
    Box 70, 428 21 Kållered Besök: G:a Riksvägen 36
    Tel: 0752-40 10 05 Fax: 0752-40 10 99

  4. RE: bogus blacklists

    Hello,

    Would you recommend using SPEWS Level1 (www.spews.org) for webhosting
    company (offering also email service)? It is using l1.spews.dnsbl.sorbs.net,
    although it is not mentioned on the sorbs website (only on spews.org). And
    what about other sorbs lists? For example the "smtp" and "spam" lists.

    Thanks

    --
    bYE, Marki

    > -----Original Message-----
    > From: Andreas Wettergren [mailto:andreas@rit.se]
    > Sent: Friday, July 21, 2006 8:34 AM
    > To: debian-isp@lists.debian.org
    > Subject: Re: bogus blacklists
    >
    > torsdag 20 juli 2006 16:15 skrev John Kelly:
    > > www.dnsstuff.com says don't use:
    > >
    > > > BLARSBL, FIVETENIGNORE, FIVETENSRC, JAMMDNSBL, SPAMBAG,

    > SPEWS (these
    > > > block large IP ranges)

    > >
    > > > MAPS-DUL, SORBS-DUHL
    > > > (these knowingly list IPs that do not meet listing criteria).

    > >
    > > I inherited some IP space listed at five-ten and blars, but nowhere
    > > else. Anyone using them?
    > >
    > >
    > >

    >
    > Nope, but i had some problems with Blars at my last job.
    > Generally, sending the blocking admin a link to Blars home
    > page (http://www.blars.org/blars.html and
    > http://www.blars.org/errors/block.html) would make them stop
    > using that list. Check out his photo I can't belive there
    > is any serious admin who would continue to use his list after
    > reading what he charges to get you delisted, or his criteria
    > for blocking. I'm not even sure he's for real...
    >
    > I'm not really informed about the other ones, but a quick
    > check on fiveten and spews make them look really bad for
    > general use. Why can't people actually read the conditions of
    > blacklists before using them?
    >
    > regards
    > Andreas Wettergren




    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

  5. RE: bogus blacklists

    Hi,

    Well, my fault... I was aware of that big discussion about de-listing fee,
    but I just didn't realized that it was sorbs... So my question is now that
    if it can be trusted for the SPEWS list... And if that list is not too
    restrictive to use at smtp level for webhosting company...

    > -----Original Message-----
    > From: Marek Podmaka [mailto:marki@onee.sk]
    > Sent: Friday, July 21, 2006 11:26 PM
    > To: debian-isp@lists.debian.org
    > Subject: RE: bogus blacklists
    >
    > Hello,
    >
    > Would you recommend using SPEWS Level1 (www.spews.org) for
    > webhosting company (offering also email service)? It is using
    > l1.spews.dnsbl.sorbs.net, although it is not mentioned on the
    > sorbs website (only on spews.org). And what about other sorbs
    > lists? For example the "smtp" and "spam" lists.
    >
    > Thanks
    >
    > --
    > bYE, Marki




    --
    To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
    with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

+ Reply to Thread