Hacker News new | past | comments | ask | show | jobs | submit login

You seem to be taking the line of the attackers' spokesman, who accused, rather hysterically, Spamhaus of deciding what goes on the internet. Of course, all Spamhaus does is supply a list of hosts who are sending email spam, and other things like lists of dynamic IPs. Sounds like this hosting outfit was making money hosting spammers and their business is threatened by legitimate countermeasures.



He's not the only one to do so. Spamhaus has engaged in some shady behaviour; even pg wrote about it once:

http://paulgraham.com/spamhausblacklist.html (2005)

I wanted to believe him. But before I could reply to his mail, I got first-hand evidence that the SBL has in fact gone bad.

As of this writing, any filter relying on the SBL is now marking email with the url "paulgraham.com" as spam. Why? Because the guys at the SBL want to pressure Yahoo, where paulgraham.com is hosted, to delete the site of a company they believe is spamming.

EDIT

Wait, there's more!

http://paulgraham.com/sblbad.html

http://paulgraham.com/spamhaussbl.html


any filter relying on the SBL is now marking email with the url "paulgraham.com" as spam.

Impossible. The SBL lists only IP addresses; there is no content filtering at all.

http://www.spamhaus.org/sbl/

Furthermore, there's a lot of FUD in this thread about Spamhaus listing people who don't emit spam. IF this is true, then Spamhaus would have an unacceptably high false positive rate, and we would be able to observe this. In reality, Spamhaus has the lowest FP rate in the industry. Occam's Razor suggests those who claim to have been wrongly blocked are mistaken about the reason for their listings (if they ever existed in the first place).


You are incorrect. (Well, you're correct that Spamhaus doesn't filter content -- but they don't filter anything, they publish lists that various filtering software uses.)

http://www.spamhaus.org/faq/section/Spamhaus%20SBL#270

I hear the SBL can also block domains, how? What is "URIBL_SBL"?

Yes, the SBL can also be used as a URI Blocklist and is particularly effective in this role. In tests, over 60% of spam was found to contain URIs (links to web sites) whose webserver IPs were listed on the SBL. SpamAssassin, for example, includes a feature called URIBL_SBL for this purpose. The technique involves resolving the URI's domain to and IP address and checking that against the SBL zone.

And of course they also have the DBL (Domain Block List), though I don't know if that existed back when PG ran into problems.

Do you have a link to the false positive rankings? I'm curious as to how that is measured.


Good point; I think both of our statements are true due to ambiguous wording upstream. I also took it literally, "any filter relying on the SBL" -- I use the SBL (via ZEN) but don't use SpamAssassin. And so my mail servers wouldn't block any domain that resolves to an IP address in the SBL, as described in the link you provided.

As for DNSBL false positive rates, I haven't seen statistics in a few years, and by now they wouldn't be worth much. The only ones I saw were from 2005 or 2007. This one (linked to from the below article) from 2011 doesn't even test Spamhaus:

http://www.spamresource.com/2011/05/dnsbl-safety-report-5142...

This is just my personal experience saying (in 2013) that Spamhaus has the lowest FP rate, which isn't scientific. I'm kind of surprised there haven't been more FP comparison reports of major DNSBLs in recent years. If anyone has a link I'd love to see it.


"want to pressure" - I applaud PG for still staying so civil after this stunt by Spamhaus (and it was not the only one, e.g. they also blocked nic.at in 2007) - I am more direct: Spamhaus blackmails others to get what they want. People who blackmail others should be send into jail, even if their actions are useful. The end doesn't justify the means.


You seem to be taking the line of the attackers' spokesman, who accused, rather hysterically

Ummm, my ISP IPs hav been blocked several times for absolutely no fault of mine. I have a shared IP for browsing and turns out that cloudfare has blocked them. I also had issues with my sites, the IPs signed to me were blacklisted.

I understand that no one is forcing usage of spamhaus db but it seems unfair and white-listing is near impossible.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: