Shining Light Into the Realtime Blackhole List

by David Strom

Related Content

Sound Out on the RBL

Securing Your Home Network With the Edge Firewall

Cell Phone Viruses: The New Frontier

I never thought the day would come when I would be considered a spammer. You see, I have run the Web Informant mailing list over the past five years, mostly for my own (and hopefully my readers') amusement. I thought I was in the clear and being a good Netizen. But apparently that isn't the case. More on why shortly.

I got interested in this issue when Dale Dougherty told me about the problems he had with being placed on the Mail Abuse Prevention System (MAPS) Real-time Blackhole List, or RBL. This list has over 3000 entries and is used by hundreds or thousands of servers around the world. It began as a personal project by long-time Internet veteran Paul Vixie. A dedicated crew who are determined to stop spammers now maintains the list, run by project manager Kelly Thompson. The idea behind the RBL is a laudable goal, to be sure. All of us get far too much spam. Even test accounts I have at Yahoo and Hotmail accounts get spam, and I haven't sent any mail to anyone (besides myself) from them -- ever.

Before I get into the issues, note that ISPs and others who maintain their Internet presence can use the RBL in one of three ways. Your e-mail provider can tag suspect messages as spam and pass them along to their ultimate recipients. Your e-mail provider can block any suspect e-mail from the listed spammers. Or your provider can block all IP traffic going towards the listed domains (actually, it is IP addresses of the abusers). There are a set of carefully worded descriptions on their site on how you get on the list, how you get off the list, and other information.

By and large, it is a good system. While spammers continue to escalate their arms race and stay ahead of the spam cops, the RBL has undoubtedly cut down on the amount of spam sent around the Internet. Actually, there are other operations, including the (Open Relay Behaviour-modification System) folks. They have different practices and standards.

On the whole RBL is trying to fix two different problems:

First is the problem of an open mail relay. In the old days of the Internet, mail servers could easily exchange messages with each other with nary a care. However, this feature has been exploited by spammers to the point that most ISPs should and do shut down the relays, so that only certain computers can send mail using their mail servers. This means if you use one ISP (say Earthlink) for dial up access, you probably can't send mail from your host maintained by Verio unless you use a web-based mailer.

Second is the problem of junk mail proliferation by people who receive money to send out tons of e-mail.

In my opinion, RBL isn't completely successful for several reasons. First off is that they have a very restrictive definition of best e-mail practices, and this definition is somewhat unclear from their public materials. The point of contention has to do with how individuals verify when they are added to mailing lists. This seems like a minor point but isn't.

From the RBL web site: "A mailing list should include only those who have explicitly indicated an interest in receiving messages from the list. Prudent mailing list management mandates verification of all subscription requests before mailings commence." The issue is what constitutes verification. They say on their site: "there are numerous ways to confirm or verify an e-mail address."

However, when I spoke to RBL's manager Thompson, she said that all mailing list owners should include "a closed loop confirmation system, one which confirms any additions to protect people from having their friends sign them up unintentionally." I don't believe this is common practice. I certainly don't have a complete closed loop confirmation system for Web Informant, and of the tens of mailing lists that I have joined over the years can't remember more than one or two which used such a system.

Pages: 1, 2

Next Pagearrow