[Dshield] RBL black listing legitimate servers

Doug White doug at clickdoug.com
Sat Jan 10 05:04:11 GMT 2004


That article is a bit harsh, and gives the perception that it has been authored
by a pro-spammer.

That said, I am of the opinion that the occasional DDOS attacks on the blacklist
servers is clear evidence that they are serving their purpose, and that is to
help mail providers prevent the acceptance of UCE/UBE
Use of those lists, while free, is not exactly a "set it and forget it" as mail
system admins must continue to be vigilant about just what is trying to enter
their systems.

For those that are curious and somehow think that wanted email comes through
open relays, they are free to flag suspect mail and spend unproductive time in
perusing the flood that comes in on a daily basis, and then there are those who
do not want all that junk polluting their systems and resources, thereby merely
and summarily blocking the connection.

No single blacklist will catch all junk email, and usually a collection of six
or more will assist in reducing the junk that employees must wade through in
order to do their jobs.  It also keeps the pressure on legitimate system admins
to pay attention and keep their configuration setup as correctly as possible.

On top of this is the myriad of mail server software packages, some free, some
moderate in cost and many very expensive, and it is almost rocket science just
to get them all to talk to each other, much more so to implement configuration
and rulesets in order to retain control of their respective in-boxes.

There are a plethora of so-called solutions in the marketplace, none of which
are perfect. None replace the well trained and well experienced administrator
who has to constantly use all the resources at his/her command (and beg for
more) just to keep the email systems workable.

And this is only email.  Add to this all the other vulnerabilities, and
perceived vulnerabilities that are constantly being probed and many times
compromised, and it appears to be a losing battle to maintain connectivity to
what at one time was a great idea, that being the convenience of connecting
everyone together.  This carelessness and criminality across the planet has
created a new industry building better doorways and better locks, together with
better gates, in order to do business.

What do we do? Do we cave in and say "live with it?" or do we continue to keep
up the good fight and try to stay at least in step with the miscreants with the
ultimate goal of getting ahead of them?

P. S. I don't use or.ordb.org, but I do use relays.ordb.org along with others.

======================================
Stop spam on your domain, Anti-spam solutions
http://www.clickdoug.com/mailfilter.cfm
For hosting solutions http://www.clickdoug.com
======================================
Aspire to Inspire before you Retire or Expire!


----- Original Message ----- 
From: "YevetteM" <yevettem at gsmt.com>
To: <list at dshield.org>
Sent: Friday, January 09, 2004 5:22 PM
Subject: [Dshield] RBL black listing legitimate servers


: We received the following Bulletin today from Alt-N(MDaemon) regarding
: or.orbl.org -
:
: <snip>
: It has come to our attention today that one of the Realtime Blackhole Lists
: (RBL) that your MDaemon may be using is experiencing ongoing operational
: problems causing it to black list legitimate servers.  This problem is
: similar in some ways to the problems that the Osirusoft RBL service
: experienced last year.
:
: Depending on how it is configured, your MDaemon might be setup to use these
: free RBL services; as a result, your MDaemon might be refusing to accept
: mail from legitimate sources.
:
: To address this problem, perform the following step as noted on our
: Knowledge Base Article # KBA-01528
: (http://www.altn.com/support/knowledge_base.asp?product_id=MDaemon)
:
: Repeated problems with free RBL service providers are fueling controversy
: over their role in combating the ever-worsening spam problem.  To prevent
: future RBL related problems from impacting the acceptance of legitimate
: email by your MDaemon, be sure to configure the Spam Blocker to 'Flag
: messages from blacklisted sites but go ahead and accept them'.  You will
: find this option within the Spam Blocker settings.
: </snip>
:
: Just thought I would pass this on. I have been unable to find any additional
: information regarding this issue.
:
: -Yevette
:
: _______________________________________________
: list mailing list
: list at dshield.org
: To change your subscription options (or unsubscribe), see:
http://www.dshield.org/mailman/listinfo/list
:
:




More information about the list mailing list