Real time blacklists – naming and shaming

Long time systems administrators, they tend to either love or hate RBL lists depending what side of things you’re on (or have been on), in most cases people use information returned from these in conjunction with other metrics to more finely tune their spam response rather then using these lists as a be all and end all.

From time to time administrating you will end up on the wrong side of RBL lists more and more however this has less to do with blocking spam, but because of lazy users. Not to mention one of the biggest gripes administrators have to cope with in dealing with RBLs is they are often quite difficult to get off, supposedly to make it difficult on spammers, the jury is still out on that however. You can often find yourself listed even if you weren’t at fault because a large chunk of IP space you happen to be in the middle of is suddenly black listed!

To give some background here, I receive the majority of the bounced emails from the CAcert system and I keep an eye on why emails are being bounced, and it’s quite amusing to read some of the replies, such as people end up black listing their own mail relays.

Others also tend to report emails from us as spam either by accident or because they are simply too lazy to unsubscribe from our mailing lists, or for the emails automatically sent out to verify them on sign up! This almost almost ranks up there with my pet peeve with people black listing APNIC IP ranges (Asia Pacific NIC – which Australia happens to be part of but no where near the highest source of spam, even on a per captia basis!) because “most spam comes from Asia”, which is in fact false and they should black list ARIN instead because most spam comes from the US.

In any case the latest RBL ( that has come to my attention (they actually brag on their website about how many millions of IPs they have blocked!) basically takes the cake and they should be avoided like the plague. They have blacklisted the IPs CAcert sits on, the only information given is that it’s a country black list (you read right, it’s not a company black list, but an entire country), not to mention a country with a really low spam rate in any case!

This kind of thing is normally taken care of by sending in a report and asking to be removed or exempted from the black list, but I challenge anyone to find a method to contact them via their website within the first few minutes of looking, I’m still looking.

These guys are taking a sledge hammer to break open an egg and they should NOT be used as a RBL at all EVER, in fact this is the worst RBL list I’ve ever seen, and they point you to a page disclaiming all responsibility and that someone else has blocked the emails, but they are responsible for keeping an up to date lists otherwise this is a worst abuse then the spam they claim to be trying to prevent.

3 thoughts on “Real time blacklists – naming and shaming

  1. evaldo

    The other day I tried to email some friend in the United States [background info: I live in Brazil] and I got this lovely reject message:

    “Latin America: Go fix your mail servers”

    Isn’t it lovely when people block your country and all nearby countries too, just because they think we have spammers and open relays here?

  2. Guillaume

    Several time I’ve tried to email a Pal in Brazil (you’ve just read him), each time my email was rejected because of RBL lists, both my own permanent IP server and even my french second biggest ISP provider were rejected (I am french ! lol) that’s pretty annoying.

    My IP is not blacklisted, but whole blocks of IP in France are with this lists.

    I currently use TMDA and as many people over there, I use mail account extension to avoid any filter to block the access to my inbox (otherwise check as my honeypot). Thanks to Chris for showing me the way… when registering in one of the mailing list of CAcert. So… Spamassassin coupled with TMDA and greylisting is probably better than RBL only checking…

Leave a Reply