RE: OT: Why Friends Don't Let Friends use RBLs
- From: "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Wed, 2 Jun 2004 19:43:39 -0400
More and more ISP's are getting with the times and allowing reverse look
up changes. But it is typically the more expensive ISP's that are
getting on track first. Many small businesses are using less expensive
ISP's like SBC or Yahoo DSL. So not only does mandatory reverse look up
block out the "I got a domain" folks it is also catching a lot of small
businesses. I've been dealing with this issue a lot lately. Imagine my
fun, having to explain the concept of reverse DNS to the poor sot stuck
answering the support line. I have to get through enough of it in order
to be handed up the line, where I start the process all over again,
until I get passed to a third person...you get the picture. Some times
I'm successful. Some times I have to convince the client to change ISP's
- which is pain in itself.
Amy Babinchak
Technology Consultant
Harbor Computer Services
-----Original Message-----
From: Jim Harrison [mailto:jim@xxxxxxxxxxxx]
Sent: Wednesday, June 02, 2004 10:52 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OT: Why Friends Don't Let Friends use RBLs
http://www.ISAserver.org
Hear, hear, John!
I also find *some* blacklists to be very useful and I agree that there
are some that are little more than small boys still crying "I
have the power!!!!" .
I also find reverse-lookups to be even more useful.
If a mail source can't / won't maintain a valid Internet presence, I
probably don't need their mail.
This behavior is typified by the "mobile" spammers that change ISPs
every week / month as they're discovered.
It's also true of the "hey, look; I gots me a domain!" folks that
believe that just because they can spend $15/yr on a domain name
that they should be able to send mail from their house as well.
Granted, there's a whole in the education process here, but that's the
purview of the domain registrars and ISPs. If they're
willing to take your money to "support" your domain, they should at
least point you toward the "rules of the road" and allow you to
define your rev-lookups.
If your ISP can't / won't help you in this, then maybe it's time to seek
out another provider (I know; not everyone has that
choice).
Jim Harrison
MCP(NT4, W2K), A+, Network+, PCG
http://www.microsoft.com/isaserver
http://isaserver.org/Jim_Harrison
http://isatools.org
Read the help, books and articles!
----- Original Message -----
From: "John Tolmachoff (Lists)" <johnlist@xxxxxxxxxxxxxxxxxxx>
To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
Sent: Tuesday, June 01, 2004 23:13
Subject: [isalist] RE: OT: Why Friends Don't Let Friends use RBLs
http://www.ISAserver.org
Responding to multiple posts:
> Blacklists have always been a pain in my *ss. Seems a lot of admins I
know
> used to view them as a first form of defense against spam, well at
least
> used to until I knocked sense into them.
> Blacklists have been a disappointment to me. What seems like a really
> good idea falls somewhat short in implementation. I'd love to have a
> reliable blacklist of spammers, but far too often false positives and
> other problems have rendered them more trouble than they're worth to
me.
> (so we've never used them)
> I don't use RBLs and I see very little spam that makes it to our
> domains. Using a combination of spam whacking techniques, I find no
> reason to support their dastardly deeds.
All valid points. Stand bye!
> 1. They do *not* inform the person they put on the list that they are
> indeed on the list
Counter points:
A. Not always possible to find who to report to. Many domains
erroneously do
not accept e-mail to abuse@ or postmaster@, which by RFC they are
required
to do so. Many do not accept e-mail to the domain literal, (IP address
instead of domain name) which some of the RBLs that everyone complains
about
does indeed send a notice out, but if the server is not configured to
receive it...
B. It is the responsibility of the entity that wants an e-mail server on
the
Internet to take the needed steps to be familiar with the requirements
and
ramifications of doing so.
C. You own a vacant house. Drug dealers begin using it to spread their
venom. Is the policy required to notify you before take action to stop
that
activity?
> 2. They do *not* perform due diligence before placing someone on their
> lists
Counter points:
A. True for some, not for all. This is why we research and talk about
which
ones to use. In fact, on a list I am on for the anti-spam software I
use,
other members have regular conversations with the keepers of some lists,
and
those just happen to be the ones that we have found to be the best to
use.
B. If thousands of people start reporting they are receiving spam from
an
e-mail server, isn't that enough evidence? Ask AOL.
> 3. They do *not* take fiscal responsibility for the damage they
> "inadvertently" do when they DOS entire domains
Counter points:
A. "They" did no damage, as they them selves blocked no one. The ones
that
"denied" access are the ones that voluntarily use the lists.
B. No one forces any one to use the lists. Use of them is voluntary, and
almost if not all clearly state that use of the lists is "use at your
own
risk!"
C. In the check out lane of the grocery store, you see a magazine that
says
women has child with alien as the father, do you take it as truth, or do
you
use your wisdom and judgment?
D. It is raining out side and your roof is leaking. You run to the
hardware
store and buy a tarp to put on the roof. It works great. Hey, this is
great,
it stopped the leak. 2 months later, the tarp is still there. It starts
raining and rains for three days. The leaks start again. Do you complain
to
the tarp manufacturer that the tarp that has been in place on the roof
to
stop leaks no longer works?
> 4. Many people find it virtually impossible to be removed from their
> lists
Counter points:
A. For some RBLs, this is absolutely true. This is why we do not use
those
ones, or weight them very slight.
> 5. They often take the position as "censor" and include in their
dreaded
> databases domains that host content that they, or some disgruntled
grunt,
> doesn't approve of.
Counter points:
A. For some RBLs, this is absolutely true. This is why we do not use
those
ones, or weight them very slight.
B. Some domains out and out deserve it. Do you know there is a company
based
in Las Vegas maintains a free mailing list to spread the word about
Amber
Alerts? Wow, they must be good people. What you do not know is they
harvest
those e-mail addresses that sign up, sell them to their other clients,
which
then turn around and send out spam. Oh, BTW, this company is also a
registered ISP, so their IPs are assigned straight from IANNA or what
not,
so that no one above them can shut them down. You know what, we block
every
single IP that company has period!
> 6. RBL'ing open relays is fine, but they should be responsible for
> removing an entry from their list within 1 hour that the relay is
> closed, and inform *all* harried network/mail admins of their
hastiness
> and that they should remove the entry ASAP.
Counter point:
A. Some in fact do this. How, by performing automatic tests every 24
hours.
If the tests then comes back clean, bingo, you are off. BTW, AOL does
this
to. If you get listed, they retest every 24 hours.
B. Those RBLs that are responsible, if you notify them you are now
clean,
they will indeed retest or otherwise cause you listing to be removed as
soon
as is practical.
C. RBLs are checked dynamically via DNS. This means that as soon as a
listing is removed, it is gone. The very next second, if the DB is
checked,
it will not be there.
D. NO ONE should be using a static RBL list that was downloaded. The
whole
premise behind a RBL is by dynamically checking against the DB via a DNS
A
record request.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Other related posts:
