list managemnt issue - rbl

Alvin Oga alvin at Mail.Linux-Consulting.com
Thu Nov 13 18:54:56 EST 2003


hi ya

a list admin cannot do nothing about stopping spam
other than making it members only ...

rest of the spam fighting applies to all lists
and all regular user emails too 

thanx donald and crew for the list... its a lot of work
to keep a list going

On Fri, 14 Nov 2003, Chris Samuel wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> On Fri, 14 Nov 2003 07:52 am, Angel Rivera wrote:
> 
> > Don't wanna get RBL'd?  Keep your system tighened down. Someone does not
> > get into RBLs by keeping their system configured correctly.
> 
> This is rapidly getting off-topic, but this needed addressing.

yes and no, 75% or more of the spams come from "mis-managed" clusters
	( at least when i'm collecting data on sven virus )

	http://www.Linux-Sec.net/Mail/SpamVirus/Sven/

all that "compute power" for sending out spam .. :-) ( *pout* )

> People *can* get into blacklists without doing anything wrong, if the 

- only way is if you sent spam ..
- or if you inherited an ip# of a spammer
- or if the rbl db admin decides to block all ip# in the
  class-C, class-B, country

> maintainers are overly broad with their brush (such as listing entire class-C 
> networks at hosting companies) or because of malicious/clueless submission of 
> reports.

BL works when:
	- the blacklister has a copy of the spam to prove their case
	( it works when you run your own RBL lists .. or whatever way
	( you/your corp decide to fight spam

	- building your own rbl is trivial or complicated ..depending
	on what you want it to do ..
		http://www.UCEAS.org/RBL.Server/

BL does NOT work when:
	- its done by a 3rd party
	- its done for free on tehir t1 or t3 line for everybody to use
 	- the bl db maintainer adds any incoming report w/o checking
	- the bl db maintainers does NOT remove people from the bl db
	- the bl db mainterners adds the entire class-C, class-B or entire
	  country to their bad-boy list

> Debian blacklisted:
> 
> http://lists.debian.org/debian-devel/2002/debian-devel-200207/msg00044.html

mailing lists should be open for all, liek they are, in which case spam
can get thru

if mailing lists are members only, its one more hurdle for the spammer sw
to subscribe, spam the list, and unsubscribe 

--------

whitelisting doesn't work, you dont know where your business inquiry
is coming from

challenge response system is too much of a pain for people to 
start a (business/social) conversation .... but does work,
but again it tells the other business you dont know how else
to stop spam without considering everybody a potential spammer
	( a bad impression in my book )

tar pitting works if enough people implements it and slows down the
sending ( misconfigured open relay or cracked ) server


simple bouncing ( rejecting ) the incoming spam will fill the
sending guilty spam server of rejected/bounced spam

	- dropping the spam is a bad idea, since it confirm	
	to them that the email address is valid and you'd
	get more of it

----

80% of all DNS is misconfigured too ... :-)

c ya
alvin

_______________________________________________
Beowulf mailing list, Beowulf at beowulf.org
To change your subscription (digest mode or unsubscribe) visit http://www.beowulf.org/mailman/listinfo/beowulf



More information about the Beowulf mailing list