MAPS sucks

[fanf]

We use the JANET subscription to the MAPS RBL+. It is a frequent source of false positives which causes a great deal of irritation.

• Their RSS (relay spam stopper, i.e. list of open relays) does not have any re-testing nor any expiration of old entries, so is full of shockingly stale entries.
• Their DUL (dynamic user list, i.e. list of home computer IP addresses) has many errors. They do not track re-assignments of address space which caused them to list gmail's servers earlier this year.
• Spamhaus's ZEN list is just as effective but much more trouble-free. Why is JANET paying for the RBL+ and not ZEN?
• They do not accept corrections from their paying customers. WTF!

Sadly I can't easily ditch the RBL+ since using both it and ZEN adds 20-25% to our block rate compared to either alone, so performance would suffer horribly. Also, I don't want to get into the game of maintaining my own blacklist and/or whitelist - a time sink I do not need.

Comments

[mas90.livejournal.com]

Are RBL+ and ZEN the only two DNSBLs you use, or are there others?

Until just now I was using Spamhaus SBL+XBL on its own, which I've just replaced with ZEN. I've thought for a while that there might be other blacklists out there that it would be worth using in addition. (But based on your comments I think I'll avoid the RBL+...)

On a slightly tangential note, how harmful would you say it is to do sender callout verification for all sender domains, rather than just a handful on which this is known to be effective?

[fanf]

Sender callback verification suffers from a terrible false positive rate, especially for email from web sites - we had lots of problems with various Web Of Science mirrors, for example. It's also becoming less and less effective - http://fanf.livejournal.com/70432.html?thread=263968

I like sender verification callouts

[(Anonymous)]

And, if I get a false positive report, I report it to the sending site. Generally, they fix the problem, sometimes with my help.

[bens_dad]

At work, I use sender-verification callbacks on all (none whitelisted) domains, admittedly after fanf (my ISP and MX primary) has filtered everything for me.
I accept that it has significant downsides (I also fore-saw jmason's point that it encourages spammers to use read sender address) and more operator intervention than anything else I do, but the fundamental point is: why accept an email that you can't reply to ?

Exim's caching means that I'm not doubling or trebling the amount of email flying around, which would make me more than uneasy.

[hserus.livejournal.com]

The MAPS lists have gone to the dogs ever since they started going "for pay" and with paid employees instead of volunteers.. and now theyre taken over by trendmicro .. well, its a legacy thing now. I personally wouldnt use it, even at grandfathered, heavy academic discount type prices.

Zen's very good indeed. We do use SORBS duhl additionally but .. with a very heavy whitelist and frequent fp reports back to SORBS.

Do not use SORBS! Do not block regular emails..

[timum.livejournal.com]

I was going through a trouble shooting for an email issue. Then found out that the IP number was blacklisted by SORBS.
I went to SORBS web site to see the reason they blacklisted my IP..
They only showed me one of our domain name which was spammed.
The domain name they show on their site DO NOT even have one email account. No email settings NOTHING. I use that IP as a shared IP number that is why I need it to be removed If not I really do not care..
btw: They charge $50 for delisting. I guess they are too greedy to list even domain names w/o an email account.
----------
I hate spam and spammers.They crashed one of my server's hard drive once. When they sentenced the guy for 9 years for spamming, I did not feel sorry for him. He did deserve 9 years..

I do also believe there is no clean emailing list.

Thanks
Hakan
http://dominor.com