![[SpamCop.net - protecting the internet through technology]](http://news.spamcop.net/newlogo.jpg)
[SpamCop-List] Re: Open Proxy SCBL Rules
K. Crocker
nobody at spamcop.net
Thu Feb 3 23:16:42 EST 2005
Bert Driehuis wrote:
> K. Crocker wrote:
>
>> I made a request of my ISP to reveal the anti-spam steps they take and
>> how effective they are at blocking spam.
>
>
> The first is a reasonable request. The second is not. Some spammers want
> to fly beneath the radar and stop a spam run to 1,000 recipients because
> they get a bounce that may indicate that they've been found out. Other
> spammers will just not give up until your MX said "250 OK" to them. In
> the first example, blocking one message saves a thousand spams, in the
> second example, blocking a thousand messages will not stop the spam if
> only one slips through. Spam stats are unreliable.
>
> I have seen evidence of both forms and I'm not exagerrating the scale.
>
> > My ISP was recently acquired by
>
>> another company, so its unclear (at least to me) whether their methods
>> are consistent across both company's servers. Their reply was terse:
>>
>>> Currently, we use a number of RBL's:
>>>
>>> sbl.spamhaus.org
>>> bl.spamcop.net
>>> dnsbl.njabl.org
>>> list.dsbl.org
>>> relays.ordb.org
>>> dynablock.njabl.org
>>> dnsbl.sorbs.net
>>> cbl.abuseat.org
>
>
> That's a pretty comprehensive list. I'd personally throw in the PDL
> because I believe dynablock isn't as comprehensive as it used to be, but
> other than that it is a sane setup for most users. The list is certainly
> more aggressive than I could stomach, if I don my support-role hat.
>
>> I'd appreciate your comments based on this list. Like I said in a
>> previous post, I'm still getting at least 40 spam a day, but I have no
>> idea how many are blocked (I asked and they didn't tell). They have
>> generally been a reliable ISP over the years, but sometimes they lack
>> a certain attention to detail. For example, when I sent my info
>> request to the advertised support address, it bounced with:
>>
>> 550 5.1.1 /usr/home/hostmaster/.forward: line 5: ~... User unknown
>>
>> Fortunately, their phone works!
>
>
> Yeah, that really looks amateurish. Then again, I'd pick an ISP that
> makes the odd mistake and is honest over the goliath that lies about
> mistakes and stonewalls its customers any day.
>
> If the outright blocking isn't sufficient, you may want to get them to
> tag all mail with SpamAssassin. That way, you give the worst spammers
> the "250 OK" he craves so much while not having to deal with the spam.
>
> It is impossible to win the war on spam and still leave the US a
> democracy. If you have spare cycles, get your elected representative off
> his proverbial to make sure that law enforcement does their job. Last I
> checked, computer breakins were illegal in the US and the vast majority
> of spam comes from a small number of people in the US breaking US law to
> deliver spam to the tune of around $10bn damages per annum. If I were a
> politician I'd see an opportunity there.
Thanks for your comments, although most of the spam that makes it
through the gauntlet above into my mailbox comes from China, Korea,
France, Brazil, and Russia. From USA residents (I can't bring myself to
call them citizens), most likely, from USA machines, no. Web hosting is
another issue. This is just my observation. What my ISP's server sees
may show a different mix.
More information about the SpamCop-List
mailing list