[nSLUG] smtp relay through eastlink and ESET Nod32 tagline = disappearing email

Ian Campbell ian at slu.ms
Fri Oct 30 14:35:30 ADT 2009


On Fri, Oct 30, 2009 at 11:10:53AM -0300, Paul B wrote:
> Just a side note, parts of Eastlink's business IP pool is listed on SORBS
> "dynamic IP" block list. You will be effected by this as it seems people use
> it for flat out blocks instead of scoring. If anyone plans on running a
> business connection SMTP server check the IP your going to use for your MX
> against a black hole list search engine like: http://www.blacklistalert.org/
> 
> Personally dislike RBHL's. Heck, using SORBS really relaxed (spam not recent
> or new) list I was getting warnings of a block on Google servers when
> testing it months ago.

There's nothing (terribly) wrong with blocking outright on reputable
lists that have a reasonable false positive rate. A moderately large
mailserver I used to admin has blocked ~1.25 million emails based on
spamhaus and spamcop in the last day, or around 15 a second. I'm happy
not to have that flowing through the spam filter.

There's nothing (terribly) wrong with scoring based on RBL hits, even
on crappier lists, and then dropping the mail if it exceeds a
threshold. RFC-ignorant may suck (and it does), but if something's on
RFC-ignorant, SORBS, APEWS etc., chances are the listing is probably
legit.

... but SORBS... I can't say this enough. SORBS is awful. SORBS sucks.
If you block outright based on SORBS you are a bad person and you
should feel bad, and more importantly you deserve to lose email. If
you block outright based on it for mail services that aren't your own,
you should be fired.

Collateral damage is an explicit goal, and they charge for delisting.

F*** 'em.



More information about the nSLUG mailing list