Slashdot Mirror
Choosing a Good DNSBL
stry_cat submitted a story about selecting a good DNSBL. It talks about some of the problems with DNS blacklists and the sorts of things that you should be looking for. Things like Speed, Selection Criteria, and Goals make the list. And of course not requiring payment to be removed from the blacklist.
This seems like as good a place to ask as any. Can mostly email-based DNSBLs be used to try and block comment spammers? I'd love to reduce the load I get from comment spammers trying to spam my website.
I've been contemplating using an existing DNSBL, but all the well-known ones are focused on email spam. I expect that comment spambots and email spambots mostly overlap, but I'm not sure how effective such a measure would be.
You are in a maze of twisty little relative jumps, all alike.
Amen! I have run up against SORBS blocking as well, and we refused to pay them. Unfortunately, their blacklisting service is used by a major U.S. supplier of email addresses. (I can't remember which one at the moment.)
Just say NO to SORBS!
I guess whatever provider that was stopped, because I havn't heard a thing out of my users about Sorbs for a long time. They're irrelevant now, moreso since Sorbs shut their spam list down a few weeks ago after the founder had a breakdown. Did anyone even notice? That's how irrelevant they are.
And what are you basing this belief on?
As long as a site addresses the spam problem and gets results, reads their abuse mail and acts like a good net neighbor I have no problems with them. They should be delisted as soon as possible.
Right. I work for a big webhost, which is blacklisted by SORBS from time to time. The problem is that they do not send abuse reports. (I handle abuse@mycompany and I do not miss or ignore one any mails). They blacklist, and expect you to pay. ...Which makes me think they're interested in the money, not preventing spam.
Contrast that to, for example, Spamcop who sends mails that clearly states what it's about, a copy of the mail headers and a nice link where you can let them know what's been done (such as shutting down the spammers account).
Of course they do. That doesn't mean they're not good; it means they're not perfect.
The fact is, without DNSBLs, the headaches would be worse. LOTS worse. Centralized blocking gives you some kind of theoretical hope of getting unblocked once you've fixed the problem. Decentralized blocking leaves you no chance at all. Furthermore, without tools like DNSBLs, administrators would be far too busy to even get to the point where they could have these headaches.
I'd rather live in a world with a number of reasonably good DNSBLs than not have any.
My blog: http://www.seebs.net/log/ --- My iPhone/iPad app: http://www.seebs.net/seebsfrac/
I have found that my customers don't want me to block spam. I would get complaints from customers not getting their mail from hosts that are being blocked. So I use Spamassassin to tag the spam and filters on my clients to delete it. Yep, I have to process all that spam and yep the customers have to download all that spam, but I don't get any phone calls anymore.
The above is not worth reading.