The WELL® is a Salon.com community  

Spamhaus Block List (SBL) FAQ

In 2002, The WELL began tagging suspected spam so our users could delete or filter it as they saw fit. Initially, we refused to delete user mail. Later we added the ability to set a deletion threshold to your SpamAssassin utilities screen. Unfortunately, at this point we must take more aggressive measures to control spam. We expect you to see little or no difference in the amount of spam you receive, but we anticipate a significant easing of the load on the mail servers.

Questions:

What is the SBL?
Why is the WELL doing this?
Will legitimate mail be blocked?
What happens if someone needs to contact me, but their mail is blocked by the SBL?
My friend says mail he is sending isn't reaching me. How can I see if he is being blocked by the SBL?
Can I totally opt-out of the SBL?
What's this about future blackhole services?
Am I likely to see a reduction of spam that slips by SpamAssassin?

Answers:

What is the SBL?

The SBL (Spamhaus Block List) is a "blackhole list" — a service that provides a way to detect and bounce incoming spam. Blackhole lists do this by comparing the machine that is sending mail to a list of sites known to be major sources of spam.

Most blackhole lists concentrate on blocking mail from "open relays" (mail servers that are configured in such a way that they may be used to send mail from anywhere to anywhere else). This approach, unfortunately, has a high rate of improperly bounced mail since many open relays are also used to process legitimate mail. The SBL takes a more conservative approach by concentrating its efforts on bouncing mail from sites that appear to do nothing but transmit spam.

For more information on the SBL, see The Spamhaus Block List FAQ.

Why is the WELL doing this?

Over the last year, the amount of spam received by WELL machines has more than doubled, and there is no end in sight to these increasingly massive system loads. While SpamAssassin does an admirable job of identifying spam, it's extremely resource intensive. Our current system hardware is struggling to keep up with the requirements of processing all this spam, and it's only getting worse. Upgrades are on the way, but even that is only good for the short term. To keep The WELL's mail system operating satisfactorily, something must be done to ease the load - the best way to do that is to block the incoming spam before it has a chance to overload the system. A blackhole list is the most reliable way to do this.

Will legitimate mail be blocked?

Yes, unfortunately. No blackhole list is perfect, and that includes the SBL. Sometimes legitimate mail is inadvertently blocked and bounced back to the sender. The SBL's approach to blacklisting will minimize such mistaken rejections, but there's no way to guarantee it will never block legitimate mail.

What happens if someone needs to contact me, but their mail is blocked by the SBL?

The mail will be bounced back to the sender. The bounce message includes information on how to determine why they were blocked. The best approach at this point is for the sender to contact their ISP, and demand that the ISP clean up their act and get rid of the spammer(s) using their services. The ISP can contact the SBL website to determine what needs to be done.

You can also ask us at The WELL to consider specifically whitelisting mail from the blocked address. This requires staff setup of a special SBL whitelist, different from the personal whitelist you maintain on your Utilities Configuration Page. We may not be able to honor every such request, but will make a decision based on our mail logs. If it appears that most mail coming from the specified address is legitimate mail (that is, it doesn't exhibit common spam characteristics), we will honor the request. However, we will still request that you ask your correspondent to contact their ISP about the reason they appear on the blackhole list.

My friend says mail he is sending isn't reaching me. How can I see if he is being blocked by the SBL?

The easiest way is for your friend to look at the bounce message. If the mail was blocked by the SBL, the bounce message will include something like this:

550 5.7.1 mail from server 192.203.178.107 rejected - see <http://www.abuse.net/sbl.phtml?IP=192.203.178.107>

Can I totally opt-out of the SBL?

Yes. For now, we will manually honor opt-out requests made via email to HelpDesk. Eventually, we hope to implement a utility that will let you opt-out (and back in) at will.

Please note that opting-out is an all-or-nothing proposition. Opting-out means that all mail from blacklisted sites will be allowed. You cannot opt-out for just one or two addresses. Opting-out also means that you will be opted-out for any additional or substitute blackhole services that The WELL may use in the future.

What's this about future blackhole services?

The SBL blocks mail from the major spam sources, but does little to block spam originating from so-called open relays. Right now, spam from open relays appears to be increasing dramatically. At some point, it seems likely that we may have to start using a blackhole list that attempts to block spam from open relays.

We'd prefer not to use such a service due to increased likelihood of bouncing legitimate mail, but the increase of spam is so rapid that the outlook is not encouraging. If we do decide to add other blackhole services to protect our servers, there will be an opportunity for discussion in The WELL's Spam Conference. Unless the load reaches emergency levels, we'll be talking about it before adding it, and seeking your input on that and other alternatives.

Am I likely to see a reduction of spam that slips by SpamAssassin?

Unlikely. WELL tests show that better than 95% of the messages that would be blocked by the SBL are already marked as spam by SpamAssassin. For most people, this probably translates to one or two messages a week that would have shown up tagged as suspected spam, but are instead bounced. We expect the decrease in our mail processing load, however, to be significant.

For Further Information...

For information about The WELL or for WELL Customer Support, contact:

WELL HelpDesk
The WELL
101 Spear Street, Suite 203
San Francisco, CA. 94105
(415) 645-9300

email: helpdesk@well.com for more information about The WELL and WELL Customer Support.

* Spam and SpamAssassin

* Filtering Out the Spam

* The WELL's Spam Conference

* Utilities Configuration Page
Search our front porch
Powered by Yahoo!

 

Please log in to search members-only conversations.
   Join Us
Home | Learn About | Conferences | Member Pages | Mail | Store | Services & Help | Join Us

The WELL® is registered in the U.S. Patent and Trademark Office as a trademark of Salon.com image Salon Media Group Inc.
101 Spear Street, Suite 203; San Francisco, CA 94105 | 415 645-9300 | Email
Privacy Policy | Terms of Service