2011/6/20 David Miller <dmiller@tiggee.com>:
OK. I'll bite. What particular "internet best practices" are Spamhaus trampling on?
RBL's are often seen as an "easy solution" to a quite complex problem. Most mail administrators are relying on them so blindly that some may forget to evaluate an RBL's pertinence regarding their particular needs. Providing such an "easy" way to avoid learning how to provide your mail service definitely has a bad influence for the overall quality of mail services. That's a first negative impact : letting noobs think they can manage a mail server because "the magic RBLs seems to solve my major issue" without looking to further side-effects. Next in line, RBL managers don't even try to contact abuse@ or postmaster@. So mail admins can't use them as a way to improve their setups. Well, of course, it probably started with large corporation routing ther abuse@bigestrmailserviceonearth.com to /dev/null, but that's not the point : if you pretend to improve mail services, do it right : use abuse@ and postmaster@ before blacklisting (note : botnets sending from forged domains have to be considered differently of course, but the rDNS check often fits that part quite well). Last but not least, some RBLs are extorsion scams requiring one to pay to get it's inetnum removed from any blacklist. It might be just an incentive to help a non-profit charity cause, it still smells like a mafia-related scam to me. Let the RBLs' maintainers clean up their front doors before asking for any legitimacy. Right now, relying on them is either stupidity or lazyness. But if you can point me to any serious organisation providing a real value-added service maintained by real professionals, those who performs thorough checks _before_ putting a legitimaite mail server in a blacklist, then i'd enjoy benchmarking it on a test domain. Just let me doubt it'll be of any good regarding how efficients is a properly managed mail server with just a few tech tricks. -- Jérôme Nicolle 06 19 31 27 14