[linux-dvb] OT: Re: linuxtv.org fell in the blacklists trap

thomas schorpp thomas.schorpp at googlemail.com
Wed Oct 31 02:44:37 CET 2007


Luca Olivetti wrote:
> En/na Jim Barber ha escrit:
>> Sorbs will remove you from their list once you contact them and prove 
>> you have a static IP address though.
> 
> Yes, they did, *twice*, since they wrongly listed my address *twice* 
> (though I thought I already stated that) but I shouldn't go through all 
> of this.
> Besides, one shouldn't have more or less rights to have an own mail 
> server depending on the fact that the address is static or dynamic.
> And others blacklists don't even listen to you (and, again, even if they 
> would, it's tiresome and shouldn't be necessary).
> The net result is that spammers simply hop from network to network and 
> can send their shit with no problem, while non-spam is blocked. Good job.
> 
> Bye

I'm with Luca.

in general blacklisting is an unprofessional, trivial security concept and completely sucks, 
especially sorbs:

Netblock:	91.89.4.0/24 (91.89.4.0-91.89.4.255)
Last Seen:	Thu Feb 15 15:15:12 2007 GMT
Additional Information:	ad-online.biz. A 91.89.4.92 [TTL=1800] Job Scam Spammers

they still block my mail server on .246 cause some spamfucks were once in my assigned netblock??? great.
and blocking Luca against their own(!) whitelist policy is really scandalous.

I and many people can't simply afford the horrific costs of static and NIC registered IPs.
this is social discrimination of internet users and glorifying the few big mailprovider's monopoly 
all in the name of a "protection system" that has been long proven of complete failure by spamgangs.

Jim, so how to prove ownership of a IP? thats actually a crap requirement, cause only the ISP 
can certify. NIC registry can't, too. I can register every fake data in there. spamgangs do so.
CA signed server certificates can't prove ownership of an IP, too, cause I could use any proxy 
and fake certify ownership of its IP that way. so practically you never get delisted from sorbs, 
once listed. they don't do blacklisting, actually they do whitelisting in their big sponsors preferences(?) in fact.

besides this is a violation of accepted civilized international law principles. pre-convicted for having done 
nothing. BTW law: in most countries courts take denied mails *as delivered*(!) to evidence whatever the reason for denial!
so companies be very careful using blocklists...

sorbs: "Fighting spam by finding and listing Exploitable Servers.". real great policy. Which administrator 
can assure that his systems are 100% unexploitable all the time? this is pure SCI-FI and not a 
accepted all day practioneer's requirement.

as Luca said, spam-gangs avoid it easily. Johannes, PLS use a bayesian filter / greylisting combination.
or use spamhaus at least. they have a much kinder not "ordinary dynamic IP internet 
mail user discriminating" delisting policy :) 

with private house community wlan-routers, wifi-hotspots, inetcafes, anonymizers further upcoming, 
blacklisting has become complete idiocracy. sorbs go on, blacklist them all!
spamgangs laugh at You.

y
tom



More information about the linux-dvb mailing list