On Mon, 20 Mar 2006, Cord Beermann wrote: > Hallo! Du (Santiago Vila) hast geschrieben: > > > As before, I think it is also time that Debian reconsider the idea of > > "filtering everything after it has been received" which is currently > > working at lists.debian.org. We could use a DNSBL which lists *just* > > open proxies, like cbl.abuseat.org, and we could reject a lot of spam > > at SMTP time. The "feedback ratio" would then be something like 50%, > > not the current 0%, which is seriously low. > > i'm against blocking mail which is correct in the RfC-Sense by some > random RBL. > > I can't say something about the quality of cbl.abuseat.org, but the > experience with Spamcop and other RBLs this would give > Debian-Communication into the hand of Joe Random RBL-Runner.
I'm sorry about your bad experiences with some DNSBLs, but we should judge a DNSBL by their own merits, not by the pitfalls of the others. You say that every message which is correct in the RFC-sense should be accepted. I think that's relative. If we had a procedure to reject nigerian spam at the SMTP level with a very very high accuracy, so high that it would compensate for any unlikely side effects, we probably would use such procedure. What's the purpose of accepting a message which is not going to be distributed to the list, anyway? Rejecting a message for which we are 99.999% sure that it's spam it's surely better than sending it to /dev/null. At least the sender would know that his message has not been accepted, which does not happen currently. Then you call cbl.abuseat.org a "random" RBL. That's terribly unfair. The CBL is probably the best DNSBL ever built. Many people do not know about it because they only remember the ones that gave them a headache (most probably, the ones you have in mind), which this one does not do. Finally you would think about Debian being in the hands of Joe Random RBL-Runner if we used it. That's also a misrepresentation of reality, as the CBL is completely automated to avoid human error. The CBL is based on spamtraps, it is highly effective, it tries very hard not to list "real" mail servers, and everybody can remove any IP from it, without questions (I have yet to see which other DNSBL allow this). It is really hard to imagine a good reason not to use it, other than prejucide (which is not a good reason anyway). Everything I ask is that you listmasters do the math about this particular DNSBL. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
