Mailing List Message #14820
From: Ross Hunter <>
Subject: Re: Mulitple RBLs
Date: Sat, 27 Nov 2004 14:19:26 -0600
To: SIMS Discussions <>
X-Mailer: Apple Mail (2.619)

On 21-nov-04, at 08.51, Bill Cole wrote:

At 1:34 PM -0500 11/18/04, Neil Herber  imposed structure on a stream of electrons, yielding:
How can you tell if something rejected by a blocklist was really spam? All you have to go on is an IP address. I have postmaster and abuse accounts and a web form for people to complain about bad rejects. I have had only 2 complaints in 2 years.

You cannot tell for sure, but I have a log scraper that sucks out all the rejection sessions for examination, and I see things that SIMS cannot check for but which are big red flags of wrongness, like prefacing the SMTP commands with a HTTP command and header stream suitable for a proxy, or HELOing as my IP address, or 6 different IP addresses in 6 different countries HELOing as the same bogus name within a minute.

The risk does exist with some blacklists (most prominently SPEWS and the SpamCop BL) for perfectly legitimate mail to be blocked. If you want that to not happen, you need to pick which ones you use carefully or be willing to define such rejections as non-problems for your site, i.e. affirm the economic disincentive justification for rejecting mail that comes from the same IP address or network as spam.


What are you using for a log scraper?

Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster