Marc wrote: > 1) Blacklist - host that send only spam > 2) Whitelist - hosts that never send spam. > 3) Yellowlist - Hosts that have some spam sneak through but > should never be blacklisted. gmail, yahoo, hotmail, etc are examples.
Blacklisting the big-boys (temporarily of course, meaning you're basing your denial on systems like spamcop, etc...) is a sure-fire way to get them in to action cleaning up their spammers. Letting their stuff slip through and not having any of their clients complaining because they're getting bouncebacks, and their response times to cleaning house will probably be slower. Then there's the line that you'll end up drawing which separates the small from the big - who's to dictate who should be considered for the yellowlist and who isn't? What if an entry in the yellowlist starts to abuse their given privileges and starts spamming a bit too much for some peoples tastes? Would controlling the entries between white, black and yellow be automatically controlled based on statistics perhaps? > The problem with blacklists is false positives. If not for > that we could use them more to block spam. So - with white > and yellow lists we can check then we can make sure that good > servers are never blacklisted. Personally, a "good" server is a server I can trust - and I only trust my own systems... and even then not very much in some cases (speaking in terms of shared services being sold - so I only trust my servers as much as the clients using them). Blacklists will always inherently be subject to false positives. Once you blacklist a domain from sending you email, depending how you implement it (usually before ever receiving email data), you'll never really know if they've cleaned up their act. You may think that based on their history of likely sending nothing but spam that they still are - but maybe they got rid of the problem? Personally, I view the use of blacklists as a very last resort to permantently banning a system from ever interacting with mine again - if they're in my blacklist, they'd have to do something truly impressive to get out of it. I'm referring to system-wide blacklists fyi. Per-user lists, since controlled by individual users, are more like a filter and I leave it solely up to them to control who they want email from - a "yellowlist" at this level actually sounds like a fairly decent idea since there are clients who love their spam filtering, but always like to whine when their buddybuddy using gmail can't send them email because gmail got temp listed in spamcop or something (just an example, I use multiple lists before actually denying). > Who likes this idea? In the end, it shouldn't matter who likes your ideas or not. You're the administrator of your server(s) - what you say goes. If your clients don't like it, you can deal with them individually to see if you're going to rethink the strategy or what have you. If you were getting at what thoughts people would have for trying to put together a common "yellowlist" DNS server - well, that'll work out as well as white and blacklisting has to date. Everyone has their own opinions of who to block and who not to, and nobody truly likes being told who that is (for example, I personally dislike the owner(s) of SPEWS and refuse to ever use their system, or any system that uses their system). I'd say set up your own yellowlist server, publish it as you wish and if people want to try it out, they will. Eli. -- ## List details at http://www.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://www.exim.org/eximwiki/
