D.J. wrote:
Blocking mail based solely on the IP address (whether because it is a
dynamic address or has at some time in the past sent a mail to a
spamtrap) is akin to shooting the postman because yesterday you
received an advertisement.
You obviously don't handle a lot of mail volume. If I had to scan every
SMTP request that came in, and did not use the two DNSBLs I use (neither
are SpamCop) I would need WAY more powerful hardware than I currently
have, and I don't have chump hardware as it is. As it stands, using
qmail + spamassassin + clamav on three load balanced Dual Xeon 2.8 GHz
machines with 2GB of RAM handles the flow with an average 5 minute load
average of around 3-4. And that's with the BLs enabled. Think of if I
had to actually process the other million or so messages (NOT an
exaggeration) that attempt to hit my servers...
As someone has probably already pointed out... admins use these lists
because they trust their accuracy. If they receive too many complaints
(as we did with a particular DNSBL) you stop blocking on that list and
move to only scoring.
I think pretty much everyone understands WHY people use these BLs. This
is not the point. The point is, it's not a very good solution.
If you have 100GB of data you need to back up every day and you only
have 50GB worth of tapes to back that data up onto, would you only back
up half of it and trust that your hardware won't fail? This is
essentially what you are doing.
The CORRECT solution to the problem is to buy more tapes. Just like a
better solution to your problem is to buy more machines to process the
mail, not trust someone else to tell you who should and shouldn't be able
to send mail to your server. FPs WILL happen. If you haven't seen any
yet, great, but be damn sure you will at some point.
I understand that this can get incredibly expensive and this is most
likely why people use BLs at all, but that does *not* mean that
rejecting mail based on these lists is by any means the solution to the
problem.