Re: [Exim] rbl server spews...

Top Page
Delete this message
Reply to this message
Author: Alan J. Flavell
Date:  
To: Exim users list
Subject: Re: [Exim] rbl server spews...
On Thu, 19 Jun 2003, Margrit Lottmann wrote:

> His emails to our domains were refused because
> of rbl checking with server spews.relays.osirusoft.com.


I think you need to understand and accept Spews policy if you choose
to use them.

> He wrote that spews.relays.osirusoft.com is an unserious
> rbl checker ????


On the contrary, I'd say they _are_ serious, but it means that some
innocent (d.h nicht nur unschuldig, sondern auch arglos) parties who
associate with spammers will also be made to suffer. That is part of
the policy! The purpose is to persuade serious customers to find a
serious service provider - not to go complaining to people who are
trying to defend themselves against spam.

> Has anybody also such negative results with that server???


We have used spews for some time now as an absolute block, but it's at
the end of our tests, with the result that most spams get rejected for
some other cause. At the moment, we are only rejecting perhaps a
dozen items a day for the specific reason of "spews". By visual
inspection, I'd say one of those that we rejected recently might have
been a commercial mass-mail, as opposed to real spam, the rest are
pretty obvious spams, with the usual fantasy sender addresses and so
on.

To be honest, my colleague at the central mailer, where they handle
many more mails, says he would not use spews as an absolute block.

If you don't have the strength of will to explain to your frustrated
sender that they should be complaining about their service provider,
rather than about those who are trying to defend themselves from spam,
then you could consider following your normal absolute-block ACL -
minus spews - with a two-stage ACL, along these lines:

  deny    hosts = +rbl_hosts
          message = ..whatever..
       dnslists = bl.spamcop.net
       dnslists = ... : spews.relays.osirusoft.com : ...


so that you only reject on addresses which are both spam-suspect per
spews, _and_ actually appearing in Spamcop. By all means include
other technical blacklists such as ORDB, DSBL, Dynablock, opm.blitzed
- none of which we would want to use as an absolute block, but as soon
as the IP _also_ appears in Spamcop, then that ACL will block them.