Over-Eager RBLs

Experimenting with RBLs in the mail server to catch messages originating from known spammy SMTP servers before they hit the SpamAssassin engine. Highly effective, but some of the RBLs cast too wide a net. For example, hapless users on major networks like Comcast may be assigned an IP recently used by a spammer (or by a virus-infected Windows computer), and end up on an RBL. Result: Legit mail inbound to Birdhouse customers gets bounced to confused but legitimate senders.

Had three such incidents with bl.spamcop.net in the past month, so have just dropped it permanently from the RBL list. In its place, added an RBL in China and another in Korea. These seemed to work well, but today I heard from a customer who was running a legit PHP mail script, which suddenly started timing out. Removed the new RBLs and the problem went away. Lesson: the RBLs being consulted must not only be accurate, they must be fast.

Aside from a few false positives, the RBL experiment has been very successful — server load down, straggler spam down. But getting it right is like tuning a fork.
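One way to test a candidate RBL for both properties from the lesson above before adding it to the mail server, as an added example that is not part of the original post. It relies on the RFC 5782 test entries (127.0.0.2 must be listed, 127.0.0.1 must not); the function names, verdict strings and 1-second budget are assumptions made for this sketch.

```python
import socket
import sys
import time
from concurrent.futures import ThreadPoolExecutor, TimeoutError as LookupTimeout

def dnsbl_query_name(ipv4, zone):
    """RFC 5782 query name: the IPv4 octets reversed, then the zone."""
    octets = ipv4.split(".")
    if len(octets) != 4 or not all(o.isdigit() and int(o) <= 255 for o in octets):
        raise ValueError("not an IPv4 address: %r" % ipv4)
    return ".".join(reversed(octets)) + "." + zone.strip(".")

def system_resolver(name):
    """True if name resolves (listed). The stdlib call cannot tell NXDOMAIN
    from a resolver failure, so both come back as False."""
    try:
        socket.gethostbyname(name)
        return True
    except socket.gaierror:
        return False

def probe_zone(zone, resolver=system_resolver, budget=1.0):
    """Check one zone with the RFC 5782 test addresses: 127.0.0.2 must be
    listed, 127.0.0.1 must not, and each answer must arrive within budget."""
    worst = 0.0
    for ip, expect_listed in (("127.0.0.2", True), ("127.0.0.1", False)):
        name = dnsbl_query_name(ip, zone)
        pool = ThreadPoolExecutor(max_workers=1)
        start = time.monotonic()
        try:
            listed = pool.submit(resolver, name).result(timeout=budget)
        except LookupTimeout:
            return {"zone": zone, "verdict": "too slow", "seconds": budget}
        finally:
            pool.shutdown(wait=False)  # do not block on a hung lookup
        worst = max(worst, time.monotonic() - start)
        if listed != expect_listed:
            return {"zone": zone, "verdict": "broken", "seconds": worst}
    return {"zone": zone, "verdict": "ok", "seconds": worst}

if __name__ == "__main__":
    # Zone names come from the command line; the 1 s budget is an assumed value.
    for zone in sys.argv[1:]:
        print(probe_zone(zone))
```

Run it from the mail server itself with the zone names as arguments, and repeat at different times of day, since a caching resolver can hide a slow list on the second lookup.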

Music: Les Baxter :: Oasis Of Dakhla
