Our "black list" of choice is Spamcop as it is aggressive and very up to date.
FAQs
-
How does it identify spam?
- Thousands of users send their e-mail to Spamcop for checking. Spamcop analyses the content of the e-mails and asked the users to confirm if they regard the e-mail as spam.
- Does it maintain a list of users who send spam?
- No! It only keeps a list of the computers that the spam originated on or passed through. Each computer on the Internet is assigned a unique address - an IP (Internet Protocol) address - e.g. 1.2.3.4. If a computer sends out spam Spamcop records that address. It also records the address of some of the computers that the e-mail was relayed through. If the relaying computer is insecure it is called an "open relay". Spammers love "open relays"
as it allows them to bypass DNS black lists for a few hours so that their junk e-mails can get through.
- What is a DNS black list?
- A DNS (Domain Name Server) black list is a list of IP addresses that are the source of junk e-mail or are on "open relay".
- Why are "open relays" listed?
- An "open relay" is a computer that will relay e-mails without checking that it should! The e-mail system is very simple - indeed it is called SMTP (Simple Mail Transport Protocol) - and when it was first devised there were no spammers around. Every could be trusted to be honest and honourable. If you connect to an ISP your ISP will only accept e-mails from you, to relay to other ISPs and other companies, if you have a direct connection to the ISP. Thus, spammers cannot send their junk e-mail to your ISP so that it can relay to a third party. However, some computers have not got any controls on them and they will relay any mail that they receive. At HCI Data, we only accept e-mails for domains that we manage. We may forward them on, but we would not accept an e-mail for a third party.
- Will a DNS black list stop all spam?
- No! The DNS black list (DNSBL) can only report on spam that has already occurred. During the time that a spammer starts sending their hundreds of millions of e-mails, there is a short period of time before the emails are recognised as spam and the offending computers are added to the DNSBL. Thus, some e-mails will get through. However, most DNSBLs are updated continuously in real time so the amount getting through will be a small percentage. If 1% of spam gets through, that equates to over 1 million e-mails!
- Will genuine (non spam) e-mails be blocked?
- Possibly. If a spammer uses a dial-in line to send e-mails, the IP address for that dial-in line will be added to the DNSBL. If a non spammer dials in, they could be allocated the same IP has used by the previous spammer. As the spammers has caused the IP address to be listed in a DNSBL, we will reject the e-mail and return it to the sender. They will probably be able to resend it after dialing in again and it will get through. Another way for genuine e-mails to be blocked is if the sender uses an "open relay". They should report this fact to their System Administrator so that the computer can be reconfigured so that it is no longer an "open relay"
- How long does an IP address remain in a DNSBL?
- Each "black list" has its own rules. Most will delist an IP address after a suitable time has passed since the last spam e-mail was recorded using that IP address. Bad offenders will typically be listed for 28 days each month. Temporary transgresses only a few hours.
-
|