At 08:48 PM 10/15/2008 -0400, Stuart D. Gathman wrote:
On Wed, 15 Oct 2008, Michael Deutschmann wrote:
On Wed, 15 Oct 2008, Stuart D. Gathman wrote:
In our case, we use our own reputation based blacklist. There are
too many false positives with Spam Haus and the like.
Really? I'd have thought using Spamhaus ZEN would be quite safe, since
even if there is an FP, you'd be among thousands of domains the sender
can't reach. You can expect the sender to realize he has a *major
problem* before he even composes a mail to one of your users....
I use the most conservative IP blacklists (CBL and Spamhaus) as my initial
filter, basically blocking addresses that are currently and heavily being
abused. I call this my "Block DoS" stage, and it drops about 2/3 of the
attempted connections, sending an SMTP reject with a link, so the sender can
check the blacklist.
My mailflow is currently too small to get any good stats on false rejects from
the Block DoS stage, but I'm not worried about it. As Michael says, if a
sender is on one of these lists, he will know he has a problem, even if he
doesn't know how to fix it.
Right there is the problem. The sender is clueless and incompetent,
and has no idea how to solve the problem. They can't even configure
a valid HELO.
I would change the wording a little. The sender is not an email admin, and is
not going to get involved in even the simplest technical problem, like setting
a valid HELO.
I think we can expect the sender to solve the problem, however. There are
plenty of services, even free services, that will relay your outgoing mail,
keep their transmitters clean, never get on an IP blacklist, and give you the
best possible assurance that your mail will be delivered. I use yahoo.com and
controlledmail.com.
I am willing and able to fix any problems with my own transmitter, but I would
rather spend my time on other projects. I use my own transmitter for
occasional tests, never for mail that needs reliable delivery. Even with *no
known problems*, now or in the past, I still have difficulty getting delivery
to services that treat mail from unknown transmitters as potential spam.
I think the real challenge is how do we motivate senders to fix a problem, when
our only communication with them is an SMTP reject. Maybe we need a webpage
with a list of services they can call for help.
-- Dave
-------------------------------------------
Sender Policy Framework: http://www.openspf.org
Modify Your Subscription: http://www.listbox.com/member/
Archives: https://www.listbox.com/member/archive/735/=now
RSS Feed: https://www.listbox.com/member/archive/rss/735/
Powered by Listbox: http://www.listbox.com