August 28, 2003

Blacklist *.*

Just in case you needed another reason not to trust spam blacklists, here comes this item on Slashdot (and a ZDNet news story) about how one of the big ones has recently shut down and started marking everything as spam. A lot of system admins set up their mail servers to use these blacklists, because it makes the job of keeping spam out that much easier. But I’ve never liked them. The idea behind the blacklist is that certain organizations keep a centralized list of which ISPs and which IP addresses are sending out spam. This could be happening because there is a spammer actually located at that IP address, or it could be that there is an open relay that someone is exploiting. Whatever the cause, these blacklist providers see a stream of spam coming from somewhere, and they add that source to their list. Then, system admins subscribe to that list and load it onto their servers. Whenever their server encounters an email coming from one of the sources on the list, the email gets rejected automatically. No questions asked, no human intervention, just a flat-out rejection. If you’re on the list, your emails will get bounced. It’s that simple.

There are a lot of reasons to dislike such a system, the same problems that come with most zero-tolerance systems. But the story was given a new wrinkle this week when one of the big blacklist providers, Osirusoft, decided to get out of the game. They had apparently been the victim of a several-week-long denial of service attack, so they called it quits. And as a final parting blow, they set their blacklist to reject everything. Every email address, every IP address, every server, everything. What this meant was that any server that was using the Osirusoft blacklist suddenly started rejecting every email it received. No questions asked. You can imagine that this caused something of a stir, as organizations that had never been responsible for a spam message ever were suddenly coming up as spammers, and as other organizations that were using Osirusoft’s blacklist suddenly weren’t getting any incoming messages at all. I’m sure a lot of sysadmins were scrambling trying to get their systems to stop using that particular blacklist and find others to switch over to. I’m sure a lot of emails were lost or had to be resent. And it’s all because there are so many people out there that rely on blacklists and trust them unconditionally.
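A mail server can guard against the "list everything" failure described above by probing the blacklist with canary addresses before trusting its answers. The sketch below is an added example, not code from this post or from any blacklist operator. It assumes the list is queried over DNS in the usual DNSBL way and follows the RFC 5782 convention that 127.0.0.2 is always listed and 127.0.0.1 never is; the zone name, function names and sample resolvers are hypothetical.

```python
import socket

ZONE = "dnsbl.example.invalid"  # placeholder zone, not a real blacklist

def dnsbl_name(ip, zone):
    """Build the DNSBL query name: reversed IPv4 octets followed by the zone."""
    return ".".join(reversed(ip.split("."))) + "." + zone

def dns_listed(ip, zone):
    """True if the zone answers with an A record for this IP (it is listed)."""
    try:
        socket.gethostbyname(dnsbl_name(ip, zone))
        return True
    except socket.gaierror:
        return False

# RFC 5782 canaries: 127.0.0.2 must be listed, 127.0.0.1 must not be.
MUST_LIST = ("127.0.0.2",)
MUST_NOT_LIST = ("127.0.0.1",)

def zone_health(zone, listed=dns_listed):
    """Classify the zone as 'ok', 'lists-everything' or 'dead'."""
    if any(listed(ip, zone) for ip in MUST_NOT_LIST):
        return "lists-everything"   # the shutdown behaviour described above
    if not all(listed(ip, zone) for ip in MUST_LIST):
        return "dead"               # zone gone or not answering
    return "ok"

def should_reject(ip, zone, listed=dns_listed):
    """Reject only if the zone is healthy AND lists the sender; else fail open."""
    return zone_health(zone, listed) == "ok" and listed(ip, zone)

# Constructed stand-ins for three zone states, so the logic runs offline.
def healthy(ip, zone):
    return ip in {"127.0.0.2", "192.0.2.55"}   # 192.0.2.55: constructed spam source

def wildcard(ip, zone):
    return True    # a zone that has been switched to list every address

def dead(ip, zone):
    return False   # a zone that no longer answers

if __name__ == "__main__":
    for name, fn in (("healthy", healthy), ("wildcard", wildcard), ("dead", dead)):
        print(name, zone_health(ZONE, fn), should_reject("198.51.100.7", ZONE, fn))
```

In production the health result would be cached and rechecked periodically rather than computed per message, and an unhealthy zone should raise an alert so an operator can remove it from the configuration.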

It’s time for sweeping generalizations. There are people who love these blacklists. They are unapologetic about automatically blocking mail because, they reason, if you’re on the list you must have done something to get there. You therefore deserve what you get, and you’re not worthy of sending email. This is the same sort of elitist pigheadishness you see from a lot of tech people. I don’t know what it is about computers that attracts this personality type, but in this industry, more than any other, you’ll find these know-it-alls who think that their word is gospel, and when they speak the ground trembles. This is the same sort of person you usually see posting on Slashdot. For them, the world is binary. On or off. Black or white. Right or wrong. And, of course, their way of thinking is right, and everyone else’s is wrong. They can always formulate a rebuttal to any argument you put forth, usually a specious one, and they cannot be swayed from their path. It is these people I avoid. It is these people that make me hesitant to mention that a simple Bayesian filter can be much more effective than a blacklist, because they’ll come after me with a hundred arguments why I’m wrong. And maybe I am. But if I am, I’ll acknowledge it. And there’s the difference.

All I know is that since I installed a Bayesian filter for Outlook, I haven’t seen very much spam in my Inbox. And none of my friends’ emails have been blocked because my computer couldn’t realize a blacklist had been turned off.

Filed under The Computer Vet Weblog
