Log in

No account? Create an account


MAPS sucks

« previous entry | next entry »
12th Apr 2007 | 07:56

We use the JANET subscription to the MAPS RBL+. It is a frequent source of false positives which causes a great deal of irritation.

  • Their RSS (relay spam stopper, i.e. list of open relays) does not have any re-testing nor any expiration of old entries, so is full of shockingly stale entries.
  • Their DUL (dynamic user list, i.e. list of home computer IP addresses) has many errors. They do not track re-assignments of address space which caused them to list gmail's servers earlier this year.
  • Spamhaus's ZEN list is just as effective but much more trouble-free. Why is JANET paying for the RBL+ and not ZEN?
  • They do not accept corrections from their paying customers. WTF!
Sadly I can't easily ditch the RBL+ since using both it and ZEN adds 20-25% to our block rate compared to either alone, so performance would suffer horribly. Also, I don't want to get into the game of maintaining my own blacklist and/or whitelist - a time sink I do not need.

| Leave a comment |

Comments {6}


from: mas90
date: 12th Apr 2007 11:57 (UTC)

Are RBL+ and ZEN the only two DNSBLs you use, or are there others?

Until just now I was using Spamhaus SBL+XBL on its own, which I've just replaced with ZEN. I've thought for a while that there might be other blacklists out there that it would be worth using in addition. (But based on your comments I think I'll avoid the RBL+...)

On a slightly tangential note, how harmful would you say it is to do sender callout verification for all sender domains, rather than just a handful on which this is known to be effective?

Reply | Thread

Tony Finch

from: fanf
date: 12th Apr 2007 12:01 (UTC)

Sender callback verification suffers from a terrible false positive rate, especially for email from web sites - we had lots of problems with various Web Of Science mirrors, for example. It's also becoming less and less effective - http://fanf.livejournal.com/70432.html?thread=263968

Reply | Parent | Thread

I like sender verification callouts

from: anonymous
date: 12th Apr 2007 13:48 (UTC)

And, if I get a false positive report, I report it to the sending site. Generally, they fix the problem, sometimes with my help.

Reply | Parent | Thread


from: nonameyet
date: 12th Apr 2007 19:55 (UTC)

At work, I use sender-verification callbacks on all (none whitelisted) domains, admittedly after fanf (my ISP and MX primary) has filtered everything for me.
I accept that it has significant downsides (I also fore-saw jmason's point that it encourages spammers to use read sender address) and more operator intervention than anything else I do, but the fundamental point is: why accept an email that you can't reply to ?

Exim's caching means that I'm not doubling or trebling the amount of email flying around, which would make me more than uneasy.

Reply | Parent | Thread

Suresh Ramasubramanian

from: hserus
date: 18th Apr 2007 05:03 (UTC)

The MAPS lists have gone to the dogs ever since they started going "for pay" and with paid employees instead of volunteers.. and now theyre taken over by trendmicro .. well, its a legacy thing now. I personally wouldnt use it, even at grandfathered, heavy academic discount type prices.

Zen's very good indeed. We do use SORBS duhl additionally but .. with a very heavy whitelist and frequent fp reports back to SORBS.

Reply | Thread

Do not use SORBS! Do not block regular emails..

from: timum
date: 21st Nov 2007 15:45 (UTC)

I was going through a trouble shooting for an email issue. Then found out that the IP number was blacklisted by SORBS.
I went to SORBS web site to see the reason they blacklisted my IP..
They only showed me one of our domain name which was spammed.
The domain name they show on their site DO NOT even have one email account. No email settings NOTHING. I use that IP as a shared IP number that is why I need it to be removed If not I really do not care..
btw: They charge $50 for delisting. I guess they are too greedy to list even domain names w/o an email account.
I hate spam and spammers.They crashed one of my server's hard drive once. When they sentenced the guy for 9 years for spamming, I did not feel sorry for him. He did deserve 9 years..

I do also believe there is no clean emailing list.


Reply | Thread