>> The Spamhaus XBL and Spamhaus PBL are pretty useful in denying
>> connections from botnets. You should try them - in the arsenal of
>> spam-fighting tools, they are probably the most effective ones.

> I've heard this about Spamhaus' lists. One wonders how it is
> possible they are so useful and effective.

It is a good question. I don't know the answer - but I don't have to
understand _how_ they manage it to know _that_ they manage it.

> Sometimes Vixie denies involvement with SORBS, sometimes he is
> willing to talk "1x1" about SORBS business model. How can one trust
> such activities by the top people?

By trusting the people, of course.

Your example is pretty totally bogus, though. I have no involvement at
all with, say, Walmart, or L. L. Bean, but I can blather all evening
about their business models; does that mean I'm untrustworthy?

>> What DNSBLs do is mitigate the damage so that we have at least
>> middling-usable email while solutions evolve at the social level.

> I agree. But there are technical reasons that they can't possibly
> keep up, too.

They have been so far. When reality disagrees with logical deductions,
the thing to do is look for the incorrect assumption or the flaw in the
logic, not to assert that reality is wrong.

>> Using such a list puts a substantial crimp in direct-to-MX spamming.

> That is an interesting euphemism for intentional collateral damage.

"Euphemism" is not an appropriate word here, I think. I was not
attempting to sugar-coat something unpleasant. I was describing a
desirable effect (stopping direct-to-MX spam); that the same thing also
has an undesirable effect (stopping direct-to-MX ham) doesn't make
discussing the desirable effect euphemistic.

Direct-to-MX ham sending is, like open relays, one of the casualties of
the net's getting infested with abusers. I don't like it, but so what?

>> There aren't many addresses, as a fraction of the Internet, that are
>> statically assigned and send spam. But the fraction is definitely
>> nonzero, and they tend to send a lot. DNSBLs work very well indeed
>> against those.

> I'm sure they do. But those are typically CAN-SPAM compliant
> emailers, and one doesn't need to use a DNSBL for that.

Need to? I don't know; where's the boundary between need and want? I
certainly want to, in the sense that it is the lightest-load way I've
found to reject the resulting spam, CAN-SPAM compliant or not.

(Why the emphasis on CAN-SPAM, by the way? Surely you don't think only
the USA matters?)

> And even those that weren't burned, surely know better now than to
> trust DNSBLs.

I trust DNSBLs as a class about as much as I trust people as a class,
and I trust DNSBLs individually about as much as I trust people
individually. That is to say, a few are utterly wonderful, a few are
utterly horrible, and there's a whole spectrum in between.

> Indeed, the numbers of mail bounced when these blacklists shut is a
> better indicator of how many people actually used them. There was a
> howl on Nanog, but no global disaster. That should tell you
> something.

Yes; it tells me that comparatively few people used DNSBLs which are
badly run enough to have shut down disruptively. It tells me nothing at
all about how many people use DNSBLs which are not that badly run.

> What multi-million dollar ISP really wants to trust its email service
> to some guy on a DSL line running a DNSBL out of his basement?

Irrelevant. The existence of amateurishly-run DNSBLs does not imply the
nonexistence of well-run ones. It _does_ mean that someone to whom
email is important had better do due diligence in selecting DNSBLs -
just as someone to whom a car is important had better do due diligence
in selecting a mechanic, or someone to whom good clothes are important
had better do due diligence in selecting a tailor....

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                mouse@xxxxxxxxxxxxxxxxxxxx
/ \ Email!
7D C8 61 52 5D E7 2D 39 4E F1 31 3E E8 B3 27 4B