calum.org:~#

Email blacklists

Tags: rants email

Added: 2007-01-02T20:49

Email blacklists

I am a big fan of them. They're very useful. You can configure your email server to throw away any SMTP connections from, say, China, or any IP that has sent spam recently. Or any mail server that is located in a Dial-up user range.

This is the problem. This relies on the fact that the people running these lists only put valid, correct information in them.

I've been bitten by this.

Recently, someone added a range that I'm responsible for to the mail-abuse.com DUL - their Dial Up Users list.

I calmly and politely contacted them, and told them that:



We aren't "Dialing up"
We'd never sent spam/been used to send SPAM
We have a /23 of IPv4 address space allocated to us
We have our own AS number
We are multihomed (peered with multiple ISPs)
We advertise our routes with BGP

If this isn't about as unlike a "Dial up user", or a user on ADSL, I don't know what is.

However, this isn't good enough for them. They want me to talk to my ISP (which one?) and ask them to get the information updated.

We got our IP addresses from a LIR, nothing to do with any of the ISPs that provide our connectivity.

Surely, if you have an AS (Autonomous System) number, and your own IP ranges allocated to you, you by definition can say what your IP range is, and isn't?

So currently, emails to any mail server that rejects emails from servers in the mail-abuse.com DUL are bounced, with a nice link that explains that the administrator of that email server has chosen to block emails from Dial Up User ranges.
Which is absolutely fine.
..... Apart from when that information is completely inaccurate.


From the mail-abuse.com website:
The RBL+ service is now offered under the Trend Micro brand, but will still be held to the same high standards to which it has always been maintained. The MAPS Threat Analysis team is now a part of the Trend Micro Threat Prevention Network and will continue to follow the stringent policies and guidelines for the nomination and removal of IP addresses from the various blocking databases.

So I'm definitely never going to use mail-abuse.com for my blacklists. And I'd like to alert other people to their silly policies. Am I annoyed? You bet. Is it because people use their lists to block emails from my range? Not at all. It's at the inaccuracy of mail-abuse.com's lists.

I use (and recommend) countries.nerds.dk for country blacklisting, and SpamHaus for lists of machines that have recently sent spam/trojans.

posted by Calum on 2007-01-02T20:49 under

Add a comment

Your IP:
Please enter 9572567 here: