
Re: How I deal with (false positive) IP-address blacklists...

2008-12-09 15:13:05
There is one thing I could prove when counting the emails going
through the mailer I am responsible for.

When we started blocking emails from dynamic addresses we
reduced spam by 50%.

The gurus would not believe but I could show them, when we
blocked all but the dynamic addresses we could reduce spam
by 50% too.

The bad side, we could not show how many legitimate mails
did not come through in either case. They were lost.

Mailblockers maintained by humans are never perfect. Spamhaus
proved that when they knowingly blocked atnic.at although
atnic.at had never sent spam.

There is little difference between a mailblocker maintained
by humans and a greylist maintained by your own computer
except you can correct problems yourself.

When I see mailblockers usually blocking all dynamic addresses
then I can conclude from my observations that they have at
least 50% false positives.

There is a minor annoyance with greylists - broken mailers
and people with 50 outgoing mailers.

Broken mailers are mostly spammers, more than 50%.

People with more than 50 outgoing mailers are mostly the
source of all that spam. So the greylist is no worse than
a mailblocker and it always gives you a second chance.
A mailblocker does not.

Looking into my exim4 log I can see more than 90% of spam
gets lost when some bot on a hitch-hiked machine tries to
imitate a mailer.

When you try TLS on an incoming mail they all get lost.

So why do they set up expensive machines in a colo to run
a mailblocker?

Money!

And you can put those few people with 50 outgoing mailers
on your whitelist.

Kind regards
Peter


Dave CROCKER wrote:


Theodore Tso wrote:
This doesn't work for most people, but I had fun composing this
response, and coming just a few weeks after people claiming that
IP-based blacklists work well, and rarely result in false positives, I
felt I just had to share.   :-)


Ted,

Evidently you believe that the anecdote you posted proves something, but
I am not sure what.

Some others have suggested that it proves something which, I strongly
suspect, is not what you had in mind.

Perhaps you can clarify the purpose of your note.  How should it be
incorporated into the IETF's deliberations?

If you believe that it demonstrates that blacklists do not work well
and/or do not rarely result in false positives, perhaps you can document
the basis for that assessment.

I feel confident that you do not intend a single anecdote, about minor
email service participants, to serve as the basis for such a global
conclusion about a mechanism that is implemented and relied on by
virtually every professionally-run email receiving service on the planet.

Thanks.

d/


-- 
Peter and Karin Dambier
Cesidian Root - Radice Cesidiana
Rimbacher Strasse 16
D-69509 Moerlenbach-Bonsweiher
+49(6209)795-816 (Telekom)
+49(6252)750-308 (VoIP: sipgate.de)
mail: peter(_at_)peter-dambier(_dot_)de
http://www.peter-dambier.de/
http://iason.site.voila.fr/
https://sourceforge.net/projects/iason/
ULA= fd80:4ce1:c66a::/48
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf