Re: spamcop blocklist & SANS

From: Scott Dier (diemanringworld.org)
Date: Fri Jan 02 2004 - 02:25:13 CST


You obviously don't run a site where many of your users forward-through
your site. I've seen a large site with many forwarding users get
blocked by spamcop because of how their system forwards messages without
preserving the Received: lines... spamcop lists them often enough these
days to be more than annoying.

It's also a good reason never to strip off Received: lines. :)
Or, it's a good reason to make sure that the outgoing mail server is a
different ip and block than any names that are shown in Received: lines
for incoming mail.

Off the top of my head, I would recommend dsbl over spamcop.

But hey, it's your users, it's your server.

* Rob Foehl <rwfloonybin.net> [031230 14:16]:
> On Tue, 30 Dec 2003, John Peach wrote:
>
> > Anyone who has been using the spamcop blocklist should read item 4 of
> > the SANS Training and GIAC Certification Update 17
> > (http://www.sans.org/newsletters/statusupdates/17.php)
> >
> > Pretty conclusive reasoning for not using that particular
> > blocklist......
>
> I'd say it's pretty conclusive reasoning why anyone who blindly takes SANS
> publications as gospel shouldn't be allowed within 50 feet of any
> production systems. People who actually understand security don't
> implement policy by copying it verbatim off some website; they also don't
> tend to take kindly to childish threats (choose between SANS and spamcop?
> Please.) or accusations of incompetence by questionably competent third
> parties that are just throwing a fit because some of their mail bounced.
>
> I've had excellent success with spamcop; I'm well aware of the risks and I
> use it anyway. So far, the only pseudo-legitimate mail I've lost have
> been a few "see what's on sale this week" newsletters. Nobody complains.
> And they add up to maybe a dozen messages in the last six months, compared
> to the *thousands* of appropriately rejected spams. If that level of risk
> is too great for you, there's a simple solution: Don't use it. Posting
> links to whiny rhetoric on mailing list to "conclusively" support your
> opinion isn't necessary.
>
> -Rob
>

--
Scott Dier <diemanringworld.org> KC0OBS http://www.ringworld.org/
Free USA from energy dependence, http://www.apolloalliance.org/