On Wed, 22 Mar 2006, Cord Beermann wrote: > Hallo! Du (Santiago Vila) hast geschrieben: > > > I'm sorry about your bad experiences with some DNSBLs, but we should > > judge a DNSBL by their own merits, not by the pitfalls of the others. > > one day every RBL goes away, and how it does this isn't predictable. i > remember at least one RBL, which started to respond for every request with > 'Spamrelay' to get rid of the users. That day (weeks) some people > didn'T get any spam. (they also didn't get any mails at all.) So this > is definitly no option for us.
You probably refer to relays.osirusoft.com. Why do you say "weeks"? Are you trying to extrapolate? In such case, do you consider our debian admins so incompetent (so to speak) that we would not be able to notice about a shutdown like this in weeks? I don't think it is fair to extrapolate here. In either case, with the CBL, it is possible (under certain conditions) to retrieve the list by rsync to be run on our own DNS servers, so the risk of "suddenly marking everything as spam" could be eliminated completely. > [...] > > Then you call cbl.abuseat.org a "random" RBL. That's terribly unfair. > > The CBL is probably the best DNSBL ever built. Many people do not know > > about it because they only remember the ones that gave them a headache > > (most probably, the ones you have in mind), which this one does not do. > > How much money do you want to bet on CBL that they never generate > false positives or switching to an insane policy? [ Hmm, we now use money that we bet as an argument? ] Downloading the list itself by rsync makes the "switching to an insane policy" risk to disappear at all (if by "insane policy" you refer to replying with 127.0.0.2 to every DNS query). As for "never generating a false positive", I'm sure that there *will* be false positives, but they will surely be anecdotical (as this list is well known for its extremely low false positive rate). Considering that anybody can remove any IP from the list, false positives are not a big issue. You may think about the no-question procedure for removing IPs from the list as some kind of self-regulation. > Maybe using CBL as another score in SpamAssassin is an option, Sure it is, but the whole point why I propose using a very good DNSBL is so that at least *some* fraction of the messages which are not distributed to the list receive a feedback that their message has not been accepted, as opposed to the current feedback rate of 0%. This is exactly what the submitter of this bug was complaining about, and using a very good DNSBL would be a partial solution (which I think it is better than no solution at all). If you just use the list to add Spamassassin score points, none of the false positives will be notified that their message will not be sent to the list. > but again: it isn'T an option to give the main communication of > Debian into the hand of non-Debian parties. Except that, in some sense, we are already in the hands of non-Debian parties. Just take a look at the spam stored in the list archives. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
