On Wednesday, 2004-06-30 at 13:42:16 -0700, Eric Frazier wrote:

> Whoever is admining your mail server might want to look into using a 
> *responsible* list. Spews routinely causes horror for many innocents, 
> sometimes blocking whole datacenters over one account.

For this particular case, please read
  http://spews.org/ask.cgi?S3056

> Almost any other list is an improvement, I have noticed many lists follow 
> along behind http://www.spamhaus.org/ for example, and they have reasonable 
> people you can talk to. It is MUCH more likely you will fix the problem by 
> getting your admin to change his blacklist choice than that you will be 
> able to get the mod_perl list off the spews listing. They will only rinse 
> and repeat, "Get rid of the spammer, or move your ISP"

> Yes, folks, it is that bad these days. spam means unsolicited email, but 
> also it means lots of people don't get their legitimate email. I frankly 
> think the whole thing is a nightmare with no end in sight..

Off-topic (I'm only using perl for this, not mod_perl ;-) )

Since last weekend, I've been collecting RBL hits and misses for spam and ham.
Spews is definitely a bad idea. It blocks hermes.apache.org even at
level 1.

I have written a Perl program that tries to find the "best" RBLs. It
eliminates all RBLs that hit servers delivering ham. Then it lets me
manually insert RBLs, then it selects by effectiveness. I manually set
China/Korea blocking and blocking of dynamically assigned addresses.

Without manually set RBLs, the hitlist is this:

cbl.abuseat.org dynablock.njabl.org no-more-funn.moensted.dk
bl.spamcop.net dnsbl-2.uceprotect.net list.dsbl.org spam.dnsbl.sorbs.net
cn-kr.blackholes.us multihop.dsbl.org psbl.surriel.com sbl.spamhaus.org
dul.dnsbl.sorbs.net dnsbl-3.uceprotect.net ipwhois.rfc-ignorant.org
mail-abuse.blacklist.jippg.org

cbl.abuseat.org dynablock.njabl.org no-more-funn.moensted.dk
bl.spamcop.net catch 90% of the spamming addresses. uceprotect and
rfc-ignorant are too dangerous and will probably be eliminated by the
false-positive checker in a while.

I have 18 IP addresses that sent Spam and were not blocked by any list,
even the most aggressive ones. 27 addresses were only recognized by
aggressive lists, 264 are recognized by the above list of RBLs.

Here are the overly aggressive RBLs:

blackholes.five-ten-sg.com
block.blars.org
l1.spews.dnsbl.sorbs.net
l2.spews.dnsbl.sorbs.net
spews.blackholes.us
dnsbl.jammconsulting.com

Whoever read this far and is still interested - mail me if you want the
code.

HTH,
Lupe Christoph
-- 
| [EMAIL PROTECTED]       |           http://www.lupe-christoph.de/ |
| "... putting a mail server on the Internet without filtering is like   |
| covering yourself with barbecue sauce and breaking into the Charity    |
| Home for Badgers with Rabies.                            Michael Lucas |

-- 
Report problems: http://perl.apache.org/bugs/
Mail list info: http://perl.apache.org/maillist/modperl.html
List etiquette: http://perl.apache.org/maillist/email-etiquette.html
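
The selection procedure described in the message above (drop every RBL that hit a ham-delivering server, take the manually inserted lists, then pick the rest by effectiveness), as an added Python example; it is not the poster's Perl program. The sample observations are constructed, the names `OBSERVATIONS` and `select_rbls` are hypothetical, and reading "effectiveness" as greedy marginal coverage of spam senders is an assumption.

```python
# Constructed sample: sender IP -> (verdict, RBL zones that listed it).
# IPs are from documentation ranges; the listings are invented for illustration.
OBSERVATIONS = {
    "192.0.2.10":   ("spam", {"cbl.abuseat.org", "spews.blackholes.us"}),
    "192.0.2.11":   ("spam", {"cbl.abuseat.org", "bl.spamcop.net"}),
    "192.0.2.12":   ("spam", {"bl.spamcop.net"}),
    "192.0.2.13":   ("spam", {"dynablock.njabl.org", "block.blars.org"}),
    "192.0.2.14":   ("spam", {"cn-kr.blackholes.us"}),
    "192.0.2.15":   ("spam", {"block.blars.org"}),
    "192.0.2.16":   ("spam", set()),
    "198.51.100.1": ("ham",  {"spews.blackholes.us"}),
    "198.51.100.2": ("ham",  {"block.blars.org"}),
    "198.51.100.3": ("ham",  set()),
}

def select_rbls(observations, pinned=()):
    """Return (chosen RBLs in order, rejected RBLs, spam IPs no chosen RBL lists)."""
    ham_hits, spam_hits = set(), {}
    for ip, (verdict, zones) in observations.items():
        for zone in zones:
            if verdict == "ham":
                ham_hits.add(zone)
            else:
                spam_hits.setdefault(zone, set()).add(ip)

    # Step 1: eliminate every list that hit a server delivering ham.
    candidates = {z: ips for z, ips in spam_hits.items() if z not in ham_hits}

    # Step 2: manually inserted lists come first (assumption: kept as given).
    chosen, covered = list(pinned), set()
    for zone in chosen:
        covered |= spam_hits.get(zone, set())
        candidates.pop(zone, None)

    # Step 3: greedy selection by how many still-uncaught spam senders a list adds.
    while candidates:
        best = max(sorted(candidates), key=lambda z: len(candidates[z] - covered))
        if not candidates[best] - covered:
            break  # remaining lists add nothing new
        chosen.append(best)
        covered |= candidates.pop(best)

    all_spam = {ip for ip, (v, _) in observations.items() if v == "spam"}
    return chosen, sorted(ham_hits), sorted(all_spam - covered)
```

In the constructed data one spam sender is listed only by a rejected list and one by no list at all, so both show up in the third return value, mirroring the "only recognized by aggressive lists" and "not blocked by any list" counts in the message.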
