> From: Nathaniel Borenstein <nsb@xxxxxxxxxxxxx> > FWIW, I believe Keith is probably right. Blacklisting has been a major > impediment to my own email usage. I don't know about any *particular* > blacklisting service because when your ISP gets blacklisted by mistake > and you're simply collateral damage, it's very hard for you to get an > explanation of what's going on, because your email has been blocked -- > this has happened to me several times. Several times? As far as I know, most people I know have never been collateral or other kinds of blacklist damage. Do you use what might be called marginal ISPs? Some large outfits such as UUNet have long refused to care enough about spam. (See the current Spamhaus listings for UUNet at http://www.spamhaus.org/sbl/listings.lasso?isp=uu.net and particularly the orange boxes.) > My own theory is that > blacklists are fundamentally flawed because they are inevitably NOT > accompanied by sufficient administrative staff to deal with the > inevitable mistakes and exceptions in the blacklist. Moreover they > aren't necessary, given the number of other ways to block spam. -- > Nathaniel I have interests in other ways to block spam, but I don't like that reasoning. Many bad implementations don't prove the idea is hopeless. The design and implementation flaws in practically all installations of desktop software do not show that desk top computers are bad ideas. All of us, including those who have never used a Microsoft product, have been collateral damage of Microsoft's design philosophies, implementation processes, and business plans, but that implies nothing about personal computers in general or software from the Seattle area. Before mail-abuse.org existed and I think before the RBL was called the "RBL," it was pointed out to me. I said that I couldn't imagine a Fortune 500 company having an outsider decide which IP addresses could send mail. No matter how forcefully I would have said "Paul's a good guy," if I'd been one of my bosses, I would have been unmoved. But maybe that's just me. All other (usable) ways to block spam are being purchased as out-sourced services. If you can trust outsiders to have "sufficient administrative staff to deal with the inevitable mistakes and exceptions" in a spam blocking mechanism that is not blacklist, then why can't a blacklist be run properly? The only thing that distinguishes blacklists from other third party spam filters is that setting up a DNS blacklist is easiest. Any fool can set up a blacklist. That many fools have and other fools have used them does not show that blacklists are bad any more than the ease of setting up an IP network shows TCP is the spawn of the devil. Vernon Schryver vjs@xxxxxxxxxxxx