Autor: Peter Bowyer Data: Para: Exim, Users Asunto: Re: [exim] OT(?): SRS vs. SORBS sending mails with '<>' sender
On 05/01/07, Renaud Allard <renaud@???> wrote: >
>
> Peter Bowyer wrote:
> > You've used them all, and experienced FPs? What about dul?
> >
>
> DUL is probably the most broken one. Why? because unless you are an
> american ISP, you are not really "required" to give good info about your
> dynamic and non dynamic ranges. That means most european (and probably
> others too) ranges are just not declared the way they should. I know
> this is a shame and that shouldn't be that way, but it is done that way.
> On many european networks, you just are blacklisted unless you do a step
> to prove your you are not (correct RDNS, which should be required anyway
> in my mind, + a contact and mandatory registration with sorbs).
You are *listed*. If your listing doesn't meet SORBS' criteria,
there's a removal form which doesn't require registration (I just
checked). They accept de-listing requests from registered netblock
owners or end-users, and process them automatically if the rDNS
matches Matt's suggested naming conventions. Sounds like a solid
process to me - have you had problems with it?
SORBS DUL helps us block tens of thousands of zombies a day. It's a
very useful tool for us. FP rate: In the past 6 months:1. And that was
a guy who was only delivering directly because his ISP's relay got
itself blocked by Spamcop (which we don't use).
I'm only going on about this to ensure that the archives carry a
balanced perspective.
>
> After all, if all mail servers were required to have matching HELO, PTR
> and A records, blocking spam would be almost trivial (and I must admit
> those should be mandatory requirement for mail servers nowadays).
Fair enough, but this doesn't have anything to do with SORBS.
>
> >> I am sorry to tell that, but is you use sorbs as a first line of defense
> >> and reject with 5xx on this only, be prepared to reject a bunch of
> >> legitimate mails.
> >> I prefer to use them on a basis like "if you are listed on sorbs spam
> >> and the callout doesn't verify, and you are attaching an image, just
> >> forget about sending me mail". So they are useful, no doubt about this,
> >> but just cannot be trusted.
> >
> > What's you're evidence for this? Broken down by the 17 separate lists.
> >
>
> Experience with most of them. Unfortunately, I cannot give you any more
> evidence because I stopped using sorbs as a first line defense quite
> some years ago.
Perhaps you should qualify your advice with this statement, then? Not
all of the lists - just most of them (I wonder how many?), and you
don't actually use them for blocking so you can't tell us what your
stats are.
