OT Spamhaus tactics (was Spamhaus RBLs)

Anthony Cartmell ajcartmell at fonant.com
Tue Oct 21 13:35:20 IST 2008 

>> And don't bother trying to contact them to contest that you have gone  
>> over. My
>> inquiries have fallen on deaf ears.
>>
>>
> I've asked them repeatedly for prices for commercial service (i.e. feed  
> subscripton) and they've not responded to those either... Maybe their  
> idea of a good spam defense is to either not read or discard all mail  
> before reading - either way it's not good business sense.

That made me grin.

A couple of days ago Spamhaus increased an SBL listing from a single IP  
address to an entire /24 block of 255 addresses. Thus many innocent  
servers, my own included, became blacklisted without warning. Their advice  
was that we should be checking that our network host was reading their  
abuse@ e-mail, and that if they weren't then we should get our servers  
hosted somewhere else.

Their response to my complaint of being blocked incorrectly was:

~~~~~~
This is, unfortunately, what happens when Netrino's response to an SBL
listing of a spammer on their network, is to move the spammer to a new
IP address in the same block, and then allow him to continue spamming.

If good mail deliverability is important to you, you may wish to review
whether a provider with such policies is most appropriate to your needs?
~~~~~

Of course the spammer in question had more than on IP address allocated to  
his server, so I'm sure they didn't move him and allow him to continue on  
purpose. Netrino may well have been able to block him more effectively,  
but using hundreds of innocent servers as a lever to put pressure on seems  
unfair to me. A more generous approach might have been to contact the  
innocent server owners and warn us of the problem, rather than let our  
e-mail get blocked. And perhaps even have a mechanism to allow  
incorrectly-listed servers to be de-listed without needing to involve the  
block owner?

The range of IP addresses listed in the SBL was reduced to just eight  
addresses a day or two later, and then finally removed altogether. The  
upside was that I learnt how to relay mail via my other server, hosted  
elsewhere, to avoid the blacklisted IP range.

Spamhaus seemed such a good idea, but my opinion of its accuracy and  
policies is somewhat tainted now...

Cheers!

Anthony
-- 
www.fonant.com - Quality web sites

More information about the MailScanner mailing list