I realize we've pretty much beaten the topic into submission, but thought that some info on a specific list might be a good example of reasonable policies.

The CBL (Composite Block List) at http://cbl.abuseat.org/ is completely automated, and bases its list on addresses which have tried to send spam, malware, worms and so on to servers they monitor.

- Listings have a time limit, so will age off automatically.

- Only single IPs are listed, not ranges.

- While they won't tell you the specific reason for listing (see exception below), there is a no-questions-asked de-listing available. If still infected though, you will be re-listed.

- (quoting) The CBL operates in an entirely automated way designed to avoid listings of spamtrap hits due to bounces of forged spam, virus bounces, and "real" mail servers emitting the occasional spam. It tries very hard to avoid listing legitimate mail sources. It does not attempt to list every possible spam source.

This list is a subset of the Spamhaus XBL list, and happens to be what catches most of the spam sent my way. I've checked quite a few of the IPs blocked on their web form, and it does happen to mention that blockage was due to a specific worm/virus infection.

Cheers, Tim