Re: How I deal with (false positive) IP-address blacklists...
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: How I deal with (false positive) IP-address blacklists...
ned+ietf at mauve.mrochek.com wrote:
> You're completely missing the point. This issue isn't knowing how to build a
> large scale email system and I never said it was. Rather, the issue is whether
> or not people's opinions about the effectiveness of various antispam mechanisms
> are valid when all they have is a small amount of experience, often quite
> dated.
Granted that it's always dangerous to extrapolate from a small sample.
But is anybody's experience valid, then?
>From my perspective, the guys who run these large email systems
generally seem to believe that they have to do whatever they're doing,
regardless of how much the filtering criteria that they're using have
any thing to do with the desirability of the mail to the recipient, and
regardless of any particular sender's or recipient's actual experience
with having their mail filtered.
IOW, It's very easy for both the individual and the mail system operator
to find reasons to disregard the other's experience. Who is to say who
is right?
I certainly don't think that a mail system operator's actions to filter
mail without the recipient's consent are inherently justified just
because they happen operating a mail system. They do bear some
responsibility for their role in this process and in their selection of
filtering criteria.
--
As for Ted's message, I just thought it was an interesting anecdote, and
(as others have pointed out) not particularly relevant to the DNSBL
discussion. I didn't see anything wrong with him posting it, and don't
understand why it's provoked such a reaction.
--
And as for DNSBLs From ietf-bounces at ietf.org Tue Dec 9 14:42:25 2008
Return-Path: <ietf-bounces at ietf.org>
X-Original-To: ietf-archive at megatron.ietf.org
Delivered-To: ietfarch-ietf-archive at core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1])
by core3.amsl.com (Postfix) with ESMTP id CA54A3A68CC;
Tue, 9 Dec 2008 14:42:25 -0800 (PST)
X-Original-To: ietf at core3.amsl.com
Delivered-To: ietf at core3.amsl.com
Received: from localhost (localhost [127.0.0.1])
by core3.amsl.com (Postfix) with ESMTP id 379383A68CC
for <ietf at core3.amsl.com>; Tue, 9 Dec 2008 14:42:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.594
X-Spam-Level:
X-Spam-Status: No, score=-2.594 tagged_above=-999 required=5 tests=[AWL=0.005,
BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32])
by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id rSAHZMAeTqXO for <ietf at core3.amsl.com>;
Tue, 9 Dec 2008 14:42:23 -0800 (PST)
Received: from m1.imap-partners.net (m1.imap-partners.net [64.13.152.131])
by core3.amsl.com (Postfix) with ESMTP id 5B5C63A687B
for <ietf at ietf.org>; Tue, 9 Dec 2008 14:42:23 -0800 (PST)
Received: from lust.indecency.org ([72.242.14.237])
by m1.imap-partners.net (MOS 3.10.3-GA)
with ESMTP id BFH56125 (AUTH admin at network-heretics.com)
for ietf at ietf.org; Tue, 9 Dec 2008 14:42:15 -0800 (PST)
Message-ID: <493EF43D.8020203 at network-heretics.com>
Date: Tue, 09 Dec 2008 17:42:05 -0500
From: Keith Moore <moore at network-heretics.com>
User-Agent: Thunderbird 2.0.0.18 (Macintosh/20081105)
MIME-Version: 1.0
To: ned+ietf at mauve.mrochek.com
Subject: Re: How I deal with (false positive) IP-address blacklists...
References: <01N2VWXW3J4M00007A at mauve.mrochek.com> <C0F2465B4F386241A58321C884AC7ECC09EB3C5F at E03MVZ2-UKDY.domain1.systemhost.net>
<01N2VZWB0O8800007A at mauve.mrochek.com>
In-Reply-To: <01N2VZWB0O8800007A at mauve.mrochek.com>
Cc: ietf at ietf.org
X-BeenThere: ietf at ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>,
<mailto:ietf-request at ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf at ietf.org>
List-Help: <mailto:ietf-request at ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>,
<mailto:ietf-request at ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-bounces at ietf.org
Errors-To: ietf-bounces at ietf.org
ned+ietf at mauve.mrochek.com wrote:
> You're completely missing the point. This issue isn't knowing how to build a
> large scale email system and I never said it was. Rather, the issue is whether
> or not people's opinions about the effectiveness of various antispam mechanisms
> are valid when all they have is a small amount of experience, often quite
> dated.
Granted that it's always dangerous to extrapolate from a small sample.
But is anybody's experience valid, then?
>From my perspective, the guys who run these large email systems
generally seem to believe that they have to do whatever they're doing,
regardless of how much the filtering criteria that they're using have
any thing to do with the desirability of the mail to the recipient, and
regardless of any particular sender's or recipient's actual experience
with having their mail filtered.
IOW, It's very easy for both the individual and the mail system operator
to find reasons to disregard the other's experience. Who is to say who
is right?
I certainly don't think that a mail system operator's actions to filter
mail without the recipient's consent are inherently justified just
because they happen operating a mail system. They do bear some
responsibility for their role in this process and in their selection of
filtering criteria.
--
As for Ted's message, I just thought it was an interesting anecdote, and
(as others have pointed out) not particularly relevant to the DNSBL
discussion. I didn't see anything wrong with him posting it, and don't
understand why it's provoked such a reaction.
--
And as for DNSBLs - clearl- clearly, there are both good and bad aspects to
using third party reputation services as opposed to sites using their
own filtering criteria. e.g.:
benefits of third party reputation services:
- when the number of "customers" of a reputation service helps defray
the cost of maintaining a current and accurate list, and of improving
their criteria over time
- when the high visibility of a popular reputation service helps keep it
honest
drawbacks of third party reputation services:
- when a widely used reputation service is wrong in a way that affects a
large number of sites, whereas when a single site's criteria are wrong
it only affects that site's recipients (and arguably the single site is
more accountable for its actions).
- when the reputation is based on something (like an address or address
block) that isn't sufficiently fine-grained to reliably distinguish spam
from ham, as compared to a site filter which has access to more criteria
and can use the larger set of criteria to filter more accurately.
Once again, the crucial issues seem to be transparency, accountability,
granularity rather than the reputation reporting mechanism. Which is
not to say that the mechanism doesn't also warrant improvement.
Keith
_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www.ietf.org/mailman/listinfo/ietf
y, there are both good and bad aspects to
using third party reputation services as opposed to sites using their
own filtering criteria. e.g.:
benefits of third party reputation services:
- when the number of "customers" of a reputation service helps defray
the cost of maintaining a current and accurate list, and of improving
their criteria over time
- when the high visibility of a popular reputation service helps keep it
honest
drawbacks of third party reputation services:
- when a widely used reputation service is wrong in a way that affects a
large number of sites, whereas when a single site's criteria are wrong
it only affects that site's recipients (and arguably the single site is
more accountable for its actions).
- when the reputation is based on something (like an address or address
block) that isn't sufficiently fine-grained to reliably distinguish spam
from ham, as compared to a site filter which has access to more criteria
and can use the larger set of criteria to filter more accurately.
Once again, the crucial issues seem to be transparency, accountability,
granularity rather than the reputation reporting mechanism. Which is
not to say that the mechanism doesn't also warrant improvement.
Keith
_______________________________________________
Ietf mailing list
Ietf at ietf.org
https://www.ietf.org/mailman/listinfo/ietf
Note Well: Messages sent to this mailing list are the opinions
of the senders and do not imply endorsement by the IETF.
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.
