OT: fighting rbl's

Aleksandar Milivojevic amilivojevic at pbl.ca
Tue Nov 30 15:12:56 UTC 2004 

Jerry Gaiser wrote:
> Don't send mail directly from a dial-up IP.
> 
> Use your ISP to send mail.

He is not using dial-up IP.  He has *static* IP.  One of the reasons 
people *pay* for static IP is to be able to have total control of their 
outgoing mail.  Also, some ISPs will not allow you to relay through them 
if you have static IP.  They give you connectivity and IP address.  That 
is what you paid for and that is where their obligations toward you end. 
  This is more common with big pipes such as E* and T* connections, than 
when you simply pay extra to have static IP on your cable or ADSL.

Anyhow, in my personal experience, using RBL lists for detecting dial-up 
pools for purpose of blind blocking is very bad idea.  Those lists are 
impossible to be made accurate.  It is trivial to find examples of 
dial-up pools not listed in those lists, and to find static ranges that 
are incorrectly listed (mostly small companies that own small number of 
IP addresses, larger companies that own at least entire C class are 
usually spared).  Dial-up pools RBL lists have too much false positives 
and false negatives to be usefull on their own.

The reason is that ISP can use IP ranges it owns however it wants (which 
is perfectly OK, nothing wrong with it).  ISP has no obligations to 
inform anybody what IP ranges it uses for dial-up pools, and what ranges 
it uses for customers who pay extra for static IP (this is perfectly OK 
too).  It can move entire C class from dial-up pool to static customers 
without informing anybody, and it can do the other way around too.  Said 
that, I am not aware of a single ISP that will publish such information, 
and some ISPs will not give you that information even if you ask for it.

Said that, the only place where dial-up RBL list is of any use are score 
based anti-spam tools (such as SpamAssassin).  If you assign small 
score, it will not block emails by itself, but it will make contribution 
to the big picture.  Add AWL to the mix, and dial-up RBL lists become 
actually usefull.  For anything else, *do not* use them.  You'll end up 
blocking legitimate email.  Such as emails from the OP.

-- 
Aleksandar Milivojevic <amilivojevic at pbl.ca>    Pollard Banknote Limited
Systems Administrator                           1499 Buffalo Place
Tel: (204) 474-2323 ext 276                     Winnipeg, MB  R3T 1L7

More information about the fedora-list mailing list