(Courriels de diversion: <deroute@relayer-degazant.com> <repus@calibrent-grossissent.com> <irrite@urgences-grâce.com> <favoriserait@debarquerent-colmatera.com> <entr'aperceviez@encastrera-libres.com> <sillonnaient@cauteriseriez-repererait.com> <spoliateur@appele-depaqueter.com> <gendarme@assermenter-sportivement.com> <alcools@rebâtiras-chequier.com> <arrimez@oppressifs-ingurgitiez.com> )
pas le temps de traduire, pardon... jdd ---------- Message réacheminé ---------- Subject: Re: Off-topic: AOL supporting mail abuse lists... Date: Thu, 29 Mar 2001 12:44:12 -0800 From: ed@alcpress.com Dan, In addition to currently writing a LPI Certification study guide and teaching Linux courses, I spend my time teaching courses on DNS. Part of this training involves how to create a Realtime Blackhole List or RBL. RBL's are used by mail servers to determine if mail should be rejected because it is coming from an open relay or spam site. RBLs can be public or private. If you use a public RBL, you have little control over what spam sites are in the list. For example, I continually receive spam mail from the same mail servers even though my mail server checks the public RBLs. For numerous reasons, the public RBLs don't list all spam sites. The solution is to use a private RBL as well. Most modern mail servers for Linux and Unix allow you to use multiple RBLs. Postfix, Exim, and qmail do this. I use Postfix. Private RBLs can be run by individuals but are more effective when run by a group. A good example is the RBL that was setup and is maintained by the networking user group in my city (at my urging). Members of the group benefit by either: a. having their mail servers use the group's private RBL in addition to the public RBLs. b. having their email sent to the group's mail server where spam is stripped away. Mail that survives the RBL filter is then sent to the member's normal email address (where the member's mail server may do additional spam suppression). While an RBL can be built with BIND, BIND is simply the wrong tool for the job. The rbldns program from D.J. Bernstein is a far better tool. It makes the maintenance of a RBL list simple. You can, for example, place an entire IP address range in the list with a single line in the rbldns data file. BIND requires two lines per individual IP address and IP addresses expressed in the usual, non-intuitive, backwards in-addr.arpa notation. With a private RBL, a group could decide, for example, that its members (or a subset of the membership) have no reason to accept mail from certain parts of the world where the bulk of all spam mail seems to originate. The rbldns program makes it easy to reject all mail from the IP address ranges that are published on a per-country basis by organizations like RIPE and APNIC. Yes, rejecting mail based on geography is a controversial issue and it's too bad the spammers have forced groups to resort to this. The Internet is a bit less free and open as a result. Maintaining a RBL list is not a trivial task. For example, when you place a IP address in the list, you can't leave it there forever. "Bad" IP addresses can become "good" in the future when it's either reassigned to a non-spammer or the organization responsible for the address (an ISP) takes remedial action. By using both public and private RBLs, I now receive far less spam mail. Ed Sawicki Accelerated Learning Center http://www.alcpress.com On 29 Mar 2001, at 14:07, Dan York wrote: > lpi-discuss, > > Given the discussion we've had on this list about people NOT being > able to send to the LPI lists because their mail server was listed > as an open relay, I thought I'd pass this along... I was very pleased > to see a nice page at AOL talking about how they are refusing mail > from open relays and from people on the DUL list: > > http://postmaster.info.aol.com/ > > Given their huge size, I personally think it is great to see them > supporting services such as this. Maybe this will get more people > to shut down open relays. > > The-man-who-still-gets-way-too-much-spam, > Dan > > -- > Dan York, Director of Training dyork@e-smith.com> Ph: +1-613-751-4401 Mobile: +1-613-263-4312 Fax: +1-613-564-7739 > e-smith, inc. 150 Metcalfe St., Suite 1500, Ottawa,ON K2P 1P1 Canada > http://www.e-smith.com/ open source, open mind > -- > This message was sent from the lpi-discuss mailing list. > Send `unsubscribe lpi-discuss' in the subject to Listar@lpi.org > to leave the list. > > -- This message was sent from the lpi-discuss mailing list. Send `unsubscribe lpi-discuss' in the subject to Listar@lpi.org to leave the list. ------------------------------------------------------- -- <http://www.dodin.net> <mailto:jdanield@dodin.net>QUI EST CET HOMME ? Aidez-moi à le retrouver WHO'S THAT GUY ? Help me found it http://www.dodin.net/serge/index.html --------------------------------------------------------------------- Aide sur la liste: <URL:mailto:linux-31-help@savage.iut-blagnac.fr>Le CULTe sur le web: <URL:http://www.CULTe.org/>