OT: Spamcop BL - good or dangerous?
Drew Marshall
drew at technologytiger.net
Wed Nov 29 13:53:18 GMT 2006
On Wed, November 29, 2006 13:19, Rose, Bobby wrote:
> Mostly when I've looked at addresses that are listed at spamcop, the
> addresses are on the temporary blocklist due to the address sending
> messages to Spamcop's spamtraps. It's pretty hard to say it's a mistake
> that a legit system emailed a spamtrap unless they are relaying which
> then raises other questions.
It's not so much if it's a mistake as you are right, some one deliberatly
sent the sample mail to Spamcop but more about who and what is making the
classification. As just about anyone can send 'Spam' to Spamcop, who in
turn will list the relay(s) (Albeit for varying amounts of time based on
frequency), it becomes a question of who does the vetting. The problem
with Spamcop is that 'no one' is the answer. You can end up being listed
if some takes a dislike to your e-mail and sends it on to them enough.
This is what makes Spamcop dangerous to use at MTA.
Of cause this raises the point 'What is Spam?'. Because there is no real,
definitive answer other than 'unsolicited 'junk' mail' how do you define
what users should forward, particularly to a global black list (How many
times do we see requests to this list about configuring MS for individual
black/ white lists, SA settings etc?). I very much like and support the
idea of collaborative anti-spam measures but in the same way that bayes
works on the specific mail characteristics of your mail, so, I think,
should RBLs like Spamcop be used in a measured, weighted way (As it does
in SA).
I do block using the Spamhaus RBLs as not only do I find them less
aggressive but they are (Seem?) better moderated and audited. This means
that, in my experience, fewer false positives and more of the true 'bad
guys' being listed and with less chance of removal.
/Throws his final 2p into the air and steps off soap box...
Drew
More information about the MailScanner
mailing list