I just had another conflict with a debatable anti-spam configuration. I think it was debatable rather than obviously wrong, so I’m not going to rant about the specific setup, but while discussing it with other postmasters, the following two Domain Name Service Blacklist (DNSBL) facts surprised me:
- UCEPROTECT3 can be evaded if you pay them EUR 75 every 2 years. UCEPROTECT is a German organisation but refuses to publish the details usually found on an Impressum so you could be funding spammers, for all you know. Their four suggestions to stop spam (no C-R, rate limits, block port 25, refuse to sell) seem so unlikely to stop spam it’s either naïve or insincere.
- SORBS asks ISPs to pay USD 50 to get delisted from the SORBS SPAM database. It’s to charity rather than SORBS, but it still seems like a protection racket. Spammers can get out of jail for a few dollars?
Those lists both seem quite trigger-happy to me, which isn’t surprising as these payment demands encourage listing first and asking questions later. It means I won’t be using these two lists anywhere soon.