On 17 Nov, John Lange wrote:
For example, lets say there are some spam bots on an ISPs network. They send out spam relayed through the ISPs mail server. Does this not mean that the ISPs mail server will quickly find itself on a block list?
If the answer is "no", then the blocklist isn't accomplishing anything since no spam is being blocked.
If the answer is "Yes", then my issue is that thousands of innocent mail users on that ISP will be inconvenienced for absolutely no fault of their own.
The other day I ran into a "Yes" situation that was causing an ISP to completely block email from all of Shaw -- including Shaw's smarthost! The agressiveness and braindead-ness of servers and RBL's has been taken to an insane level. No one cares about false positives anymore.
This brings up another problem with block lists. What if you get a virus and your machine gets hijacked to send spam? Bingo you are on a blocklist and good luck getting removed especially since the average user is not likely to have any clue they are even on the list.
This happened all the time before the RBL's decided to block the entire Shaw/MTS dynamic IP space -- the greater of two evils.
And it is my understanding that the blocking is frequently done on entire subnets or even entire ISPs. Again, lots of innocent victims of this technique.
Yup.
iptables -A INPUT --destination-port 25 -j DROP
Guaranteed to eliminate 100% of your spam ;)
MTS's (dynamic-IP) approach!