RE: OT: Why Friends Don't Let Friends use RBLs
- From: "Thomas W Shinder" <tshinder@xxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Tue, 1 Jun 2004 21:09:54 -0500
Hi John,
The problem with the RBLs are:
1. They do *not* inform the person they put on the list that they are
indeed on the list
2. They do *not* perform due diligence before placing someone on their
lists
3. They do *not* take fiscal reponsibility for the damage they
"inadvertantly" do when they DoS entire domains
4. Many people find it vitually impossible to be removed from their
lists
5. They often take the position as "censor" and include in their dreaded
databases domains that host content that they, or some disgrunted grunt,
doesn't approve of.
6. RBL'ing open relays is fine, but they should be responsible for
removing an entry from their list within 1 hour that the relay is
closed, and inform *all* harried network/mail admins of their hastiness
and that they should remove the entry ASAP.
Note that I place the blame on the dreaded RBL'er, not the harried,
harassed, underpaid and overworked network/mail admin who's just trying
to do the best he can. As I see it, the admin is as much a victim as the
innocent guy that was placed on the RBL for reasons "NOS" (not otherwise
specified). It's all of us, in the end, who are victimized by RBL'ers
who play thought police and censor. There are a lot of better ways to
block spam, and a lot more reliable.
This has nothing to do with Sunbelt. I know that RBL'ers had them
targeted too, but my complaints about them go far beyond that. RBL'ers
are the worst kind of vigilantes, and I hope their days are numbered.
I don't use RBLs and I see very little spam that makes it to our
domains. Using a combination of spam whacking techniques, I find no
reason to support their dastardly deeds.
<RANT OFF>
BTW -- did I ever mention that I don't think RBL'ing is a good thing?
;-)
Thanks!
Tom
Thomas W Shinder
www.isaserver.org/shinder
ISA 2004 Beta - Get it now!
http://www.microsoft.com/isaserver/beta/default.asp
ISA Server and Beyond: http://tinyurl.com/1jq1
Configuring ISA Server: http://tinyurl.com/1llp
-----Original Message-----
From: John Tolmachoff (Lists) [mailto:johnlist@xxxxxxxxxxxxxxxxxxx]
Sent: Tuesday, June 01, 2004 8:49 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] RE: OT: Why Friends Don't Let Friends use RBLs
http://www.ISAserver.org
> I am FURIOUS at these self-appointed guardians of the internet. They
> have caused me more aggravation and more Denial-Of-Service than spam
> ever has. And that's just at home. Now, they have caused a denial of
> service at a major government installation. There are literally
hundreds
> of thousands of people worldwide that depend on our e-mail system for
> everything from education to scientific research to national security.
> How many other ISP's are blocking us?
I have seen this one already, and it has been discussed at length on
another
list. What this rant does not go on to explain is the fact that the
admins
in charge of their e-mail server(s) refuse to take any responsibility
and
fix the problems that are there. They have decided to take the approach
that
we are the government, and therefore our configuration is fine.
Here is a quote from another list:
" IMHO situations such as those occurring at the Kennedy Space Center
mail
servers, is simple evidence of the arrogance of system Administrators in
believing they "own" the mail boxes of those receiving the spew of
unwanted
email messages, known as spam.
When any admin neglects to respond to complaints of system compromises
or
spamming, I firmly believe they should have their internet privileges
suspended until they wake up and apply best practices to their own
systems.
Another insecure system that is relaying a constant spew of spam is the
mail
servers at va.gov. The consequence is that they, too, are now appearing
on
the DNSBLs and other blacklists. These "gummit" admins are not in some
ivory
tower, and must bear a responsibility to be good "netizens" or suffer
the
consequences. All of them have failed or refused to respond to not just
a
few, but thousands of complaints about their systems.
The ability of private enterprise to block incoming mail from abusive
systems cannot be considered a denial of service, but legitimate
protection
of the recipient system of resources being stolen by the abusers."
Basiclly, their e-mail servers were/are being used by spammers to relay
spam. Therefore, they should be and are listed. Their admins need to get
off
their buts and start cleaning up their acts.
<RANT ON>
And since Tom is the one to post this, I have no reservation about
bringing
up that one of the companies attempting to come to the defense of these
admins is none other than Sunbelt itself. Sunbelt itself was listed on
MAPS,
and decided to stay on it. I am sure people on here and on the
MSExchange.org site know my opinion of Sunbelt. Yes, their products are
good, but the people in charge, well, I think I will stop there.
<RANT OFF>
RBLs are great in a system that uses various tests to determine the
"spaminess" of a message. That is the key, multiple tests testing
multiple
sections/parts.
John Tolmachoff
Engineer/Consultant/Owner
eServices For You
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Other Internet Software Marketing Sites:
World of Windows Networking: http://www.windowsnetworking.com
Leading Network Software Directory: http://www.serverfiles.com
No.1 Exchange Server Resource Site: http://www.msexchange.org
Windows Security Resource Site: http://www.windowsecurity.com/
Network Security Library: http://www.secinf.net/
Windows 2000/NT Fax Solutions: http://www.ntfaxfaq.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tshinder@xxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Other related posts:
