On 8/12/03 at 3:34 PM it was written:
The problem is that mail administrators manage to evaluate blacklists based
on their effectiveness not their reputation. This would lead to the
blacklists which block the most IPs, being the most effective. However,
there is no evaluation done on whether any innocent email is being blocked
as well. And leaving people in the dark about internal procedures of
blacklists is not helping the situation. They do not have to give out
contact info, just write up some clear guidelines and follow them.
We have had implemented a system for 6+ months now wherein we do have direct
feedback from users to indicate what level of Spam to Not Spam we see for all
of our RBLs.
We have been very slow and progressive in monitoring the results of each RBL
that we do attempt to use, including one that we maintain internally.
I can say clearly that there are good RBLs out there. They tend to be those
that follow the above recommendations.
For many others, though, we have found that there really are too many
exceptions that end up blocking too many sources of what may be considered
legitimate email by users.
The key piece of information here though is that we, as the administrators,
make no determination of what is considered spam and what is not considered
spam. We make certain that no email is directly blocked and is instead made
available to user to then indicate to us whether it is spam or not.
For the two most reliable RBLs we have found, the positives for the system out
99.8+% correct, with only a very occasional incidence of blocking what the end
user would end up considering to be not spam. This is still in my opinion not
good enough, but much better than many others we have tested against (some of
the worst were closer to 60% range of spam being blocked compared to the total
blocked by the RBL).
I think it is clear that an RBL is not unto itself a solution. It can used as a
part of a unified solution. But, unto itself, it does not provide enough of a
functionally reliable solution to be worthwhile when standing alone.
Cheers!
================================================================
Steven G. Willis sgwillis(_at_)deepskytech(_dot_)com 772.794.9494
Deep Sky Technologies, Inc. http://www.deepskytech.com/
http://www.badchickens.com/ http://www.store-secure.com/
================================================================
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg