DNS block lists are easy to include into most mail servers. They are a very effective and efficient server side tool to help keeping spam out of your systems. As the name implies they use domain name servers to transmit the information whether mails from a distinct mail server should be accepted or rejected.
Sometimes they are too effective. It can happen that a mail server is listed on a block list wrongfully. This can lead to a situation where your mail server will reject mails that you wanted to receive. The biggest problem with block lists is that you have to trust somebody else to take the right decision which mails to accept and which ones to reject.
So how useful are DNS block lists after evaluating the pros and cons? They can be very useful to lower the overall CPU usage of your anti spam strategy. It is advisable to use a small number of carefully chosen blocklists. If you are using a block list, subscribe to the mailing list or newsletter of the organization who runs the block list. That way you will take note of any problems that the block list may have and you will be informed if it gets shut down. DNS blocklists should never be your only strategy against spam. They should be combined with other mechanisms to help keeping spam out of your inbox.
There are some things you should consider before implementing DNS block lists in your anti spam strategy. If you reject a connection from a mail server because it is listed in a block list, return a detailed error message. This enables the admin of a mail server that gets listed wrongfully to see why the mails get rejected and to act accordingly.
If your mail server software allows to select the order of different sender or client restrictions be sure to put DNS blacklists after SMTP authentication. This enables your co-workers (and your customers if you are in the ISP business) to send their mails even if they come from a dial-in IP address that is listed in a block list.
You should consider using DNS block lists for scoring instead of blocking if your mail server has enough resources (CPU, IO, traffic). That would mean to use the block lists in a program like spamassassin that gives points for different criteria of a message and considers it as spam if it surpasses a certain number of points. That way the chances for false positives are lower because a message is not rejected if the sending server is on a single block list only. The message will get rejected if there are other signs of spam.
Huge indexes of available DNS block lists can be found at www.moensted.dk/spam/ and www.declude.com.
Over the weekend, it seemed like the anti-SOPA forces had won. The House temporarily shelved the Stop Online Piracy Act. The Senate sponsors of the Protect IP Act agreed to review the most controversial provisions. So why’s the Internet still so mad ? Here are five reasons: Read full article >>
Read more...Once upon a time there was a browser named Firefox -- an open source project that many people happily picked up and spun off into their own versions with names like Iceweasel and Pale Moon. Now the same thing has happened with Google Chrome. Its open source incarnation, Chromium, has become the basis for a slew of spinoffs, remixes, and alternative versions.
Read more...SOPA, in its original form, is all but dead. The White House spoke up last weekend, saying that it would oppose (veto) any legislation that reduces freedom of expression, increases cyber security risk, or undermines innovation on the global Internet. However, as heroic as the rhetoric may sound to proponents of internet freedom, these bills [...]
Read more...CNET takes an in-depth look at the controversial Stop Online Piracy Act, backed by Hollywood and opposed by the largest Web companies and civil liberties groups.
Read more...MANILA, Philippines — The internet experienced what some say is the first blackout of cyberspace when some sites particularly Wikipedia decided to suspend its operations due to its objection to two bills, namely the Stop Online Piracy Act (SOPA) and the Protect IP Act (PIPA). PIPA was first introduced to the U.S. Senate while SOPA was introduced to the U.S. House of Representatives. Lets talk ...
Read more...