On 11/17/06, <b class="gmail_sendername">Gilles Detillieux</b> <<a href="mailto:grdetil@scrc.umanitoba.ca">grdetil@scrc.umanitoba.ca</a>> wrote:<div><span class="gmail_quote"></span><blockquote class="gmail_quote" style="border-left: 1px solid rgb(204, 204, 204); margin: 0pt 0pt 0pt 0.8ex; padding-left: 1ex;">
> b) they catch far to many innocent victims<br><br>Are there any credible stats on this? I've never spotted anything that<br>looks like it might be a false positive in my server logs when I've<br>checked. Of course, some of the claimed "innocent victims" are people
</blockquote><div><br>Just to add more anecdotal evidence to the pile, I've seen a lot of problems caused by DNS based blacklists<br><br>- At a previous employer we got briefly blacklisted for having an open relay. Almost 2 years later I found a case where someone (a government agency) was using a copy of the blacklist from that era and was denying our mail (ok, so this technically wasn't a DNS based blacklist, but this was ~6 years ago!)
<br>- At a (different) previous employer we got put on a blacklist because our Antispam gateway was configured to autorespond and it responded to one of the addresses the blacklists uses to find spammers (I think it was spamcop).
<br>- At the same previous employer we configured our systems to return 4xx errors or reject addresses outright depending on what blacklist was hit and it caused problems for more than one innocent company<br><br>Each case above involved some emails of importance to the business. Yes, using the lists was effective in dropping a lot of spam, but in one case I can remember on #3 it almost cost us a lot of business.
<br><br>Sean<br><br></div></div>-- <br>Sean Walberg <<a href="mailto:sean@ertw.com">sean@ertw.com</a>> <a href="http://ertw.com/">http://ertw.com/</a>