Hi John, The problem with the RBLs are: 1. They do *not* inform the person they put on the list that they are indeed on the list 2. They do *not* perform due diligence before placing someone on their lists 3. They do *not* take fiscal reponsibility for the damage they "inadvertantly" do when they DoS entire domains 4. Many people find it vitually impossible to be removed from their lists 5. They often take the position as "censor" and include in their dreaded databases domains that host content that they, or some disgrunted grunt, doesn't approve of. 6. RBL'ing open relays is fine, but they should be responsible for removing an entry from their list within 1 hour that the relay is closed, and inform *all* harried network/mail admins of their hastiness and that they should remove the entry ASAP. Note that I place the blame on the dreaded RBL'er, not the harried, harassed, underpaid and overworked network/mail admin who's just trying to do the best he can. As I see it, the admin is as much a victim as the innocent guy that was placed on the RBL for reasons "NOS" (not otherwise specified). It's all of us, in the end, who are victimized by RBL'ers who play thought police and censor. There are a lot of better ways to block spam, and a lot more reliable. This has nothing to do with Sunbelt. I know that RBL'ers had them targeted too, but my complaints about them go far beyond that. RBL'ers are the worst kind of vigilantes, and I hope their days are numbered. I don't use RBLs and I see very little spam that makes it to our domains. Using a combination of spam whacking techniques, I find no reason to support their dastardly deeds. <RANT OFF> BTW -- did I ever mention that I don't think RBL'ing is a good thing? ;-) Thanks! Tom Thomas W Shinder www.isaserver.org/shinder ISA 2004 Beta - Get it now! http://www.microsoft.com/isaserver/beta/default.asp ISA Server and Beyond: http://tinyurl.com/1jq1 Configuring ISA Server: http://tinyurl.com/1llp -----Original Message----- From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx] Sent: Tuesday, June 01, 2004 8:49 PM To: [ISAserver.org Discussion List] Subject: [isalist] RE: OT: Why Friends Don't Let Friends use RBLs http://www.ISAserver.org > I am FURIOUS at these self-appointed guardians of the internet. They > have caused me more aggravation and more Denial-Of-Service than spam > ever has. And that's just at home. Now, they have caused a denial of > service at a major government installation. There are literally hundreds > of thousands of people worldwide that depend on our e-mail system for > everything from education to scientific research to national security. > How many other ISP's are blocking us? I have seen this one already, and it has been discussed at length on another list. What this rant does not go on to explain is the fact that the admins in charge of their e-mail server(s) refuse to take any responsibility and fix the problems that are there. They have decided to take the approach that we are the government, and therefore our configuration is fine. Here is a quote from another list: " IMHO situations such as those occurring at the Kennedy Space Center mail servers, is simple evidence of the arrogance of system Administrators in believing they "own" the mail boxes of those receiving the spew of unwanted email messages, known as spam. When any admin neglects to respond to complaints of system compromises or spamming, I firmly believe they should have their internet privileges suspended until they wake up and apply best practices to their own systems. Another insecure system that is relaying a constant spew of spam is the mail servers at va.gov. The consequence is that they, too, are now appearing on the DNSBLs and other blacklists. These "gummit" admins are not in some ivory tower, and must bear a responsibility to be good "netizens" or suffer the consequences. All of them have failed or refused to respond to not just a few, but thousands of complaints about their systems. The ability of private enterprise to block incoming mail from abusive systems cannot be considered a denial of service, but legitimate protection of the recipient system of resources being stolen by the abusers." Basiclly, their e-mail servers were/are being used by spammers to relay spam. Therefore, they should be and are listed. Their admins need to get off their buts and start cleaning up their acts. <RANT ON> And since Tom is the one to post this, I have no reservation about bringing up that one of the companies attempting to come to the defense of these admins is none other than Sunbelt itself. Sunbelt itself was listed on MAPS, and decided to stay on it. I am sure people on here and on the MSExchange.org site know my opinion of Sunbelt. Yes, their products are good, but the people in charge, well, I think I will stop there. <RANT OFF> RBLs are great in a system that uses various tests to determine the "spaminess" of a message. That is the key, multiple tests testing multiple sections/parts. John Tolmachoff Engineer/Consultant/Owner eServices For You ------------------------------------------------------ List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ ------------------------------------------------------ Other Internet Software Marketing Sites: World of Windows Networking: http://www.windowsnetworking.com Leading Network Software Directory: http://www.serverfiles.com No.1 Exchange Server Resource Site: http://www.msexchange.org Windows Security Resource Site: http://www.windowsecurity.com/ Network Security Library: http://www.secinf.net/ Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com ------------------------------------------------------ You are currently subscribed to this ISAserver.org Discussion List as: tshinder@xxxxxxxxxxxxxxxxxx To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist