| sean finney on 30 Apr 2004 13:22:02 -0000 |
|
On Fri, Apr 30, 2004 at 07:57:04AM -0400, gabriel rosenkoetter wrote: > RBLs don't actually work, especially when you let other people > who you don't know manage them. And doing the checks is > indescribably expensive, relative to just accepting the mail, > especially at SMTP time, and if you take too long then, legitimate > clients may hang up on you. i'd disagree with that. rbl's aren't perfect, sure, but they're a good effort and do more good then harm if done in a well thought out way. by this i mean not heavy-handedly rejecting the tcp/ip connection or refusing mail service. i also mean not relying on a single rbl, and not letting any single rbl be able to authoritatively tell you what to do. on the mail servers that i administer, these checks are done from inside spamassassin, and against at least a half dozen different rbl lists. not a single one of these lists if tested positive will score enough to identify a message as spam, but two or three probably would, and almost certainly any other spammish characteristics that spamassassin looks for would tip the scale if it were a close call. i haven't been compiling stats on the accuracy, but i have been monitoring the aggregate amount of spam caught, and after enabling rbl checks the total spam caught jumped by about 500%. sean Attachment:
signature.asc
|
|