Fred Stluka on 28 Aug 2009 10:28:34 -0700

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] How to avoid spam blacklists?...

Michael Bevilacqua wrote:
> That makes all the difference. Sorry that I misunderstood. I was 
> thinking something along the lines of you getting an IP from a public 
> pool, where that IP could already be listed on a BL for one of the 
> many reasons I mentioned. But this isn't the case as you have explained :)
Well, it IS from a pubic pool, but once I grabbed it a couple
months ago, it will never change again.  That particular IP is
not on a BL, but it IS in a pool of suspect addresses.

Specifically, at, it:

- Is NOT on the the Spamhaus Block List (SBL) -- a realtime database
  of IP addresses of spam-sources, including known spammers, spam
  gangs, spam operations and spam support services.

- Is NOT on the Spamhaus Exploits Block List (XBL) -- a realtime
  database of IP addresses of hijacked PCs infected by illegal 3rd
  party exploits, including open proxies (HTTP, socks, AnalogX,
  wingate, etc), worms/viruses with built-in spam engines, and other
  types of trojan-horse exploits.

- IS on the Spamhaus Policy Block List (PBL) -- a database of
  end-user IP address ranges which should not be delivering
  unauthenticated SMTP email to any Internet mail server except
  those provided for specifically by an ISP for that customer's use.
  The PBL helps networks enforce their Acceptable Use Policy for
  dynamic and non-MTA customer IP ranges.
  PBL IP address ranges are added and maintained by each network
  participating in the PBL project, working in conjunction with the
  Spamhaus PBL team, to help apply their outbound email policies.
  Additional IP address ranges are added and maintained by the
  Spamhaus PBL Team, particularly for networks which are not
  participating themselves (either because the ISP/block owner does
  not know about, is proving difficult to contact, or because of
  language difficulties), and where spam received from those ranges,
  rDNS and server patterns are consistent with end-user IP space
  which typically contain high concentrations of "botnet zombies",
  a major source of spam. Once aware of them, the ISP/block owner
  can take over such records at any time to manage them further.
  The PBL lists both dynamic and static IPs, any IP which by policy
  (whether the block owner's or -interim in its absence- Spamhaus'
  policy) should not be sending email directly to the MX servers of
  third parties.

I'll try to work this out with Spamhaus and Amazon, but don't expect
much luck because I suspect it would be a big job for Amazon to
police their users enough to satisfy Spamhaus and get de-listed.
Maybe Amazon will eventually allocate a separate better-policed set
of IP addresses.  Meanwhile, I'm looking into solutions involving
relaying my e-mail from my SMTP server to another.

Any better ideas?

Fred Stluka -- --
Bristle Software, Inc -- -- Glad to be of service!

Philadelphia Linux Users Group         --
Announcements -
General Discussion  --