From: Nathaniel Borenstein <nsb(_at_)guppylake(_dot_)com>
FWIW, I believe Keith is probably right. Blacklisting has been a major
impediment to my own email usage. I don't know about any *particular*
blacklisting service because when your ISP gets blacklisted by mistake
and you're simply collateral damage, it's very hard for you to get an
explanation of what's going on, because your email has been blocked --
this has happened to me several times.
Several times? As far as I know, most people I know have never been
collateral or other kinds of blacklist damage. Do you use what might
be called marginal ISPs? Some large outfits such as UUNet have long
refused to care enough about spam. (See the current Spamhaus listings
for UUNet at http://www.spamhaus.org/sbl/listings.lasso?isp=uu.net and
particularly the orange boxes.)
My own theory is that
blacklists are fundamentally flawed because they are inevitably NOT
accompanied by sufficient administrative staff to deal with the
inevitable mistakes and exceptions in the blacklist. Moreover they
aren't necessary, given the number of other ways to block spam. --
I have interests in other ways to block spam, but I don't like that
reasoning. Many bad implementations don't prove the idea is hopeless.
The design and implementation flaws in practically all installations
of desktop software do not show that desk top computers are bad ideas.
All of us, including those who have never used a Microsoft product,
have been collateral damage of Microsoft's design philosophies,
implementation processes, and business plans, but that implies nothing
about personal computers in general or software from the Seattle area.
Before mail-abuse.org existed and I think before the RBL was called
the "RBL," it was pointed out to me. I said that I couldn't imagine
a Fortune 500 company having an outsider decide which IP addresses
could send mail. No matter how forcefully I would have said "Paul's
a good guy," if I'd been one of my bosses, I would have been unmoved.
But maybe that's just me. All other (usable) ways to block spam
are being purchased as out-sourced services. If you can trust
outsiders to have "sufficient administrative staff to deal with the
inevitable mistakes and exceptions" in a spam blocking mechanism
that is not blacklist, then why can't a blacklist be run properly?
The only thing that distinguishes blacklists from other third party
spam filters is that setting up a DNS blacklist is easiest. Any fool
can set up a blacklist. That many fools have and other fools have
used them does not show that blacklists are bad any more than the ease
of setting up an IP network shows TCP is the spawn of the devil.
Vernon Schryver vjs(_at_)rhyolite(_dot_)com