spf-discuss

RE: SPF Server

2004-03-03 12:21:18

I'm not sure what your "Not really" comment is replying to.  While I
agree that there have been a large number of very badly run DNSBLs out
there, this doesn't change the fact that some of the best known DNSBLs
have been the target of multiple lawsuits.

Absolutely, and in the past few years most of those suits seem to
be frivolous. But that was not the case in the early years. When
I started reading the early cases against MAPS I was really surprised.

At this point the spam deluge is so vast that people understand that
there is a need for spam blocking. It also means that fewer of the
blacklists are spending their time on hyperfine distinctions as to
'acceptable' behavior. 

But I really do wonder whether the blacklist behavior would not have 
improved without the threat of legal sanctions.


So, there ya are.  Running a public SPF server opens you up to a
'dow-corning' type legal attack.

It is a theoretical possibility - one that should certainly be kept
in mind.

That does not mean that there is no way to control the risk. I am
not a lawyer, this is not legal advice, but remember that ten years
ago the possibility of my business existing at all was thought 
impossible due to the legal risks.

The key issue to consider here is standing. Who has standing to 
call for a public SPF filter to be shut down? The domain owner?
Well why are they publishing the records in the first place? The
user? Surely use is voluntary?

I think it would be very easy to get a case brought by a spammer
claiming the right to impersonate somebody else thrown out of court.


Uh huh.  This is very close to being a cartooney.  Go make similar
posts over on NANAE and you will be listed in some (private) DNSBLs.
Then you will have a chance to put your money where your mouth is.

Yep, I am quite aware that there are folk who don't want to be held
accountable, but calling folk cartooneys does not eliminate a legal
risk.

Incidentally, if the intention of a cartooney blacklist was to prevent
or deter access to legal remedies the operator could be in a whole
heap of trouble; where I come from it would be considered contempt
of court.

There is a reason MAPS settled many of those early lawsuits, the
companies that brought them were not selling penis potions 
or the like.

MAPS won most of their lawsuits, and settled a few.  It was costly for
them though.

They won some cases that were widely publicised. The cases they lost
make interesting reading.

Remember that at the time the cases were brought, penis enlargement and
porno spam did not yet exist. This was at a time before legitimate
companies had learned to avoid anything that looked remotely like spam.


Uh, DNSBL operators publish an opinion.  There is no demand, and there
is no reason why they should be accountable to anyone for their
opinions.

The 'opinion' is published in machine readable form with the express
intent of facilitating a particular action. If a person puts a loaded 
gun on the table and expresses an 'opinion' that a certain person 
should be dead the result is considered murder.

You don't
quantify "much", but I doubt that you would lose over 1%.  That may be
"too much" for many people, but you seem to imply that you would lose
much more.

I consider 0.2% false positives unacceptable. I want to have 0% false
positives from commercial sources. I don't mind losing the odd 
personal email, but losing business mail is serious.

To take an absolutely real no joking example, on Monday I got a message
that told me that I was owed $1390 in my spam traps. It was from a 
conference that owed me an honorarium, I had asked it to be paid to
another party but they had been unable to accept it.

I get an acceptable performance using our current filter system - and
I get over 1000 spams a day.

