« Return to Thread: relays.ordb.org returning positive for everything?
Re: relays.ordb.org returning positive for everything?
by Aaron Wolfe
::
Rate this Message:
On Tue, Mar 25, 2008 at 11:50 PM, John Rudd <jrudd@...> wrote:
> mouss wrote:
> > ajx wrote:
> >> It seems your logic is fundamentally flawed for several reasons. By
> >> returning false positives, you're breaking mail gateways that use this
> >> once
> >> useful service. On the contrary, the best way would be to simply return a
> >> DNS host not found error or a connection refused message when a client
> >> tries
> >> to make contact to the service... This would reduce your bandwidth and
> >> not
> >> confuse and frustrate any users...
> >>
> >>
> >
> >
> > It is your logic that is flawed.
>
> > Returing an error brings nothing at
> > all.
>
> Which is exactly why it is better. It brings no false positives.
> That's infinitely better than returning all false positives.
>
>
>
> > the error is ignored since it has no practical consequence (except
> > maybe in some unread log file)
>
> Unread/unchecked only by half-assed postmasters who aren't worth their
> salt, and should thus be fired.
>
>
> A decent postmaster at least generates summaries of traffic (perhaps via
> cron), and will note that one of their DNSBLs dropped from "lots of hits
> per day" to "no hits per day", wonders why, and looks into the problem.
> These responsible postmasters (who may have missed any notification of
> the impending death of the DNSBL they use) do not deserve to have the
> headaches caused by generating "all false positives". They will get
> angry calls from users whose mail was returned to the senders (many of
> whom will not resend, some of whom are even so lazy as to not even read
> bounce reports). In short, returning an always block result from a
> deprecated DNSBL effectively, and inappropriately, penalizes the
> responsible postmasters who do in fact check the results, and
> investigate why things changed.
>
>
> A postmaster who doesn't check their logs in any fashion deserves
> whatever they get. Including having all of the spam sail through
> unchecked. Or having their domain actually RBL'ed (ie. routed to null)
> because they've continued to do queries well past any reasonable
> expiration period.
>
>
> Generate all misses: doesn't penalize the good postmasters, don't care
> about the effect on the bad postmasters.
>
> Generate all hits: penalizes the good postmasters, don't care about the
> effect on the bad postmasters.
I think you're mistaken. Generating all hits does not penalize a
"good" postmaster, because no good postmaster will be using an RBL
that's been dead for over a year. It has no effect on good
postmasters. Generating all misses penalizes the maintainers who were
nice enough to provide the list while it was active, because bad
postmasters will *never* stop pounding their servers with queries.
>
>
> Clearly, only half-baked providers do the latter.
>
> mouss wrote:
> > ajx wrote:
> >> It seems your logic is fundamentally flawed for several reasons. By
> >> returning false positives, you're breaking mail gateways that use this
> >> once
> >> useful service. On the contrary, the best way would be to simply return a
> >> DNS host not found error or a connection refused message when a client
> >> tries
> >> to make contact to the service... This would reduce your bandwidth and
> >> not
> >> confuse and frustrate any users...
> >>
> >>
> >
> >
> > It is your logic that is flawed.
>
> > Returing an error brings nothing at
> > all.
>
> Which is exactly why it is better. It brings no false positives.
> That's infinitely better than returning all false positives.
>
>
>
> > the error is ignored since it has no practical consequence (except
> > maybe in some unread log file)
>
> Unread/unchecked only by half-assed postmasters who aren't worth their
> salt, and should thus be fired.
>
>
> A decent postmaster at least generates summaries of traffic (perhaps via
> cron), and will note that one of their DNSBLs dropped from "lots of hits
> per day" to "no hits per day", wonders why, and looks into the problem.
> These responsible postmasters (who may have missed any notification of
> the impending death of the DNSBL they use) do not deserve to have the
> headaches caused by generating "all false positives". They will get
> angry calls from users whose mail was returned to the senders (many of
> whom will not resend, some of whom are even so lazy as to not even read
> bounce reports). In short, returning an always block result from a
> deprecated DNSBL effectively, and inappropriately, penalizes the
> responsible postmasters who do in fact check the results, and
> investigate why things changed.
>
>
> A postmaster who doesn't check their logs in any fashion deserves
> whatever they get. Including having all of the spam sail through
> unchecked. Or having their domain actually RBL'ed (ie. routed to null)
> because they've continued to do queries well past any reasonable
> expiration period.
>
>
> Generate all misses: doesn't penalize the good postmasters, don't care
> about the effect on the bad postmasters.
>
> Generate all hits: penalizes the good postmasters, don't care about the
> effect on the bad postmasters.
I think you're mistaken. Generating all hits does not penalize a
"good" postmaster, because no good postmaster will be using an RBL
that's been dead for over a year. It has no effect on good
postmasters. Generating all misses penalizes the maintainers who were
nice enough to provide the list while it was active, because bad
postmasters will *never* stop pounding their servers with queries.
>
>
> Clearly, only half-baked providers do the latter.
>
« Return to Thread: relays.ordb.org returning positive for everything?
| Free embeddable forum powered by Nabble | Forum Help |
