2011/6/21 Tony Finch <dot@dotat.at>:
Spamhaus. And none of your complaints apply to them.
Oh really ? So the blame is to throw at Google Docs administrators for beeing blacklisted (on the SBL, which should contain only "verified spam source", thus implying discussion with the service manager) ? And BTW, who is Spamhaus to claim any legitimacy about who can or can't register a domain ? (referal to the .at phishing campaign). Alright, those are probably exceptions, and _some_ lists may be usefull, but obviously noone can claim to have an efficient "zero false-positive" list. Blindly relying on those lists _will_ lead to false positives and are a comodity for mail server administrators that might lead to sloopy filtering and weaker control over their mail infrastructure. Also, such lists are _centralized_ systems that *might* (worst case scenario) be spotted for attacks. What would be your mail infrastructure load if you rely on a list that disapear overnight ? Yeah, right, anycasted DNS infrastructure, redundancy over 4 continents, that's fine for most of us ('til it fails). In my opinion, the use of RBLs as a first level filter for incoming mail, instead of greylisting, rDNS and strict protocol compliance (cluttered with some Exchange bug-compatibility perhaps), is less reliable, so it's against what I shall consider as a best practice. I hope that clarifies my point of view, and please excuse me for the previous insults, I just have a hard time reading "hey, my critical services are dependant of an external, centralized entity with no transparency and that's good for the Internet" without compulsive expressions including F. words. -- Jérôme Nicolle