You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@spamassassin.apache.org by Warren Togami <wt...@redhat.com> on 2009/10/12 17:33:39 UTC
Re: White lists and white rules
On 10/12/2009 09:18 AM, Marc Perkel wrote:
> For what it's worth there are really only 3 serious white lists on the
> planet. I'm surprised no one is
> testing the emailreg list. There are dozens of black lists. Doing white
> lists is actually easier than doing
> black lists because there are thousands of servers out there that send
> nothing but good email. That have
> good FcRDNS, they are static, and unlike the black lists IPs they aren't
> trying to be evasive. It's low
> hanging fruit. On my servers if you are white listed your message just
> sails through the system.
This seems to me like a naive system. Even the best networks that send
nothing but ham will occasionally have an infected spambot.
BTW, how do I report HOSTKARMA W failures?
Warren
Re: White lists and white rules
Posted by "J.D. Falk" <jd...@cybernothing.org>.
Ted Mittelstaedt wrote:
> Thus, any reputable blacklist service will ALSO need to constantly
> monitor to make sure that any IP that's listed still deserves to be
> there.
Absolutely. I keep forgetting that anyone would think otherwise; major spam
sources haven't been stationary in years.
--
J.D. Falk
Return Path Inc
http://www.returnpath.net/
Re: White lists and white rules
Posted by Ted Mittelstaedt <te...@ipinc.net>.
J.D. Falk wrote:
> Aaron Wolfe wrote:
>
>>> Not true. There are servers that say send out bank statements and
>>> 100% of
>>> what it sends is bank statements.
>>
>> Until the day those servers get hacked, or they take on a new client
>> who sends a different type of mail, etc.
>
> That's why any serious 3rd party whitelist service will constantly
> monitor to make sure that any IP that's listed still deserves to be there.
>
The same issues apply equally to both kinds of services.
One of the big concerns today is we are running out of IP addresses
and most networks are not ready to switch to IP version 6 yet. Runout
of "virgin" never-assigned IPv4 addresses will occur within 2 years
and for a number of years following there will be a large effort
made to recover abandoned IPv4 addresses. Many of those addresses
are occupied today by squatters who have gotten disreputable ISP's
to announce them, and are using them to spam. Within 2-3 years those
addresses will be reassigned to ISPs who will be cleaning them up,
and will be wanting to use them legitimately.
Thus, any reputable blacklist service will ALSO need to constantly
monitor to make sure that any IP that's listed still deserves to be
there.
Ted
Re: White lists and white rules
Posted by "J.D. Falk" <jd...@cybernothing.org>.
Aaron Wolfe wrote:
>> Not true. There are servers that say send out bank statements and 100% of
>> what it sends is bank statements.
>
> Until the day those servers get hacked, or they take on a new client
> who sends a different type of mail, etc.
That's why any serious 3rd party whitelist service will constantly monitor
to make sure that any IP that's listed still deserves to be there.
--
J.D. Falk
Return Path Inc
http://www.returnpath.net/
Re: White lists and white rules
Posted by Aaron Wolfe <aa...@gmail.com>.
On Mon, Oct 12, 2009 at 11:50 AM, Marc Perkel <ma...@perkel.com> wrote:
>
>
> Warren Togami wrote:
>>
>> On 10/12/2009 09:18 AM, Marc Perkel wrote:
>>>
>>> For what it's worth there are really only 3 serious white lists on the
>>> planet. I'm surprised no one is
>>> testing the emailreg list. There are dozens of black lists. Doing white
>>> lists is actually easier than doing
>>> black lists because there are thousands of servers out there that send
>>> nothing but good email. That have
>>> good FcRDNS, they are static, and unlike the black lists IPs they aren't
>>> trying to be evasive. It's low
>>> hanging fruit. On my servers if you are white listed your message just
>>> sails through the system.
>>
>> This seems to me like a naive system. Even the best networks that send
>> nothing but ham will occasionally have an infected spambot.
>>
>> BTW, how do I report HOSTKARMA W failures?
>>
>> Warren
>>
>
> Not true. There are servers that say send out bank statements and 100% of
> what it sends is bank statements.
>
Until the day those servers get hacked, or they take on a new client
who sends a different type of mail, etc.
Re: White lists and white rules
Posted by Marc Perkel <ma...@perkel.com>.
Warren Togami wrote:
> On 10/12/2009 09:18 AM, Marc Perkel wrote:
>> For what it's worth there are really only 3 serious white lists on the
>> planet. I'm surprised no one is
>> testing the emailreg list. There are dozens of black lists. Doing white
>> lists is actually easier than doing
>> black lists because there are thousands of servers out there that send
>> nothing but good email. That have
>> good FcRDNS, they are static, and unlike the black lists IPs they aren't
>> trying to be evasive. It's low
>> hanging fruit. On my servers if you are white listed your message just
>> sails through the system.
>
> This seems to me like a naive system. Even the best networks that
> send nothing but ham will occasionally have an infected spambot.
>
> BTW, how do I report HOSTKARMA W failures?
>
> Warren
>
Not true. There are servers that say send out bank statements and 100%
of what it sends is bank statements.
As to reporting failures, email me the list.