-----Original Message-----
From: owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com
[mailto:owner-spf-discuss(_at_)v2(_dot_)listbox(_dot_)com]On Behalf Of
Hallam-Baker,
Phillip
Sent: Wednesday, March 03, 2004 9:43 AM
To: 'spf-discuss(_at_)v2(_dot_)listbox(_dot_)com'
Subject: RE: [spf-discuss] SPF Server
-----------------snip-----------------------------
I think that the blacklist idea has pretty much run its course at this
point. Filtering is a much more powerfull idea. The
'blacklists' used by
the big ISPs today are internal lists that are simply IP
addresses that
have been the source of large quantities of mail tagged as spam by the
filters.
While you made some valid arguments as to why _some_ blacklists have
gone belly-up or are infrequently used, I disagree with your conclusion.
Some blacklists _are_ well-run and are routinely used to block mail in
large production servers.
I have two providers. For a long time, they both filtered and tagged
spam. The smaller provider used a content filtering system, while the
larger provider tagged based on _external_ IP blacklists. The larger
provider, having satisfied themselves of the performance of the selected
blacklists, recently changed their policy to reject messages rather than
filter. This change in policy has had an enormous and immediate impact
on my email experience. The blocking initially reduced my spam load
from around 120 messages per day to around 10 messages per day and it
has now decreased to around 3 messages per day. I have yet to have
anyone contact me about an email rejection in the four weeks since they
started blocking, though I expect that will happen from time to time.
In contrast, my smaller provider that uses content filters still
delivers me buckets of spam to wade through.
Having used both methods, I am unequivocal in my preference. With
filtering, you _must_ manually peruse the filtered results to catch
false positives, which carries no guarantee of actually noticing them.
Whitelists are fine for correspondents from whom you expect messages
only, so you still have to check the spam folder. With blocking, the
sender gets a DSN and will contact me. A legitimate message being
rejected without the sender contacting me is probably less likely than
my missing a legitimate message buried in the spam folder.
This stunning success shows that blocking based on external blacklists
plus IP heuristics can work very well in a large production environment.
In fact, if SPF becomes widely deployed, blacklists will become even
more important and RHS blacklists in particular will become much more
effective.
--
Seth Goodman