The Evils of RBLs and Why You Should NEVER Use Them

By /

I’ve gone on over the years regarding the evils of RBLs and why mail administrators should never use them. There are a number of antispam technologies available today that obviate the need for ever using RBLs. In many ways, RBLs are much more dangerous to your business than the spam you think the RBLs might be blocking.

Reasons why RBLs should be avoided:

  • RBLs use random criteria for listing a mail server — there are no IETF standards for listing servers in an RBL, it’s all up the prejudices of the RBL’er.
  • RBLs are not accountable — they have no commercial interest in maintaining an accurate list
  • RBLs are unresponsive — many RBL maintainers are unresponsive or very slow to respond to requests for removing illegitimate placement on their RBLs
  • RBLs put your company at risk — unlike spam, which wastes time and can suck up productivity, an RBL’er can make it very difficult or impossible to send mail to customers and partners. The RBL’er will always disclaim responsibility for the damage he creates to your organization because of their irresponsible behavior

Probably one of the worst RBL’ers out there is the Blars Block List http://www.blars.org/errors/block.html

Some interesting quotes from this page that highlight the “philosophy” of RBL’ers:

“The BlarsBL is maintained by Blars at his wim [sic]”

“This is not a low collateral damage list”

“In general, an entire netblock is added rather than just a single IP or customer of a larger ISP”

And for the coup de gras of the scumbag behavior inherent in RBL’ers:

“If you would like a site be added or removed from BlarsBL, you may hire Blars at his normal consulting rates (currently $250/hour, 2 hour minimum, $1000 deposit due in advance for non-established customers) to investigate your evidence about the site. If it is found that the entry was a mistake, no charge will be made and the entire deposit will be refunded. Send Blars email from a non-listed account to verify current rates and arrange payment”

Only YOU can stop the negative effects of RBL’ers have on Internet connectivity. Stop using RBLs, or at the very least, investigate in depth the RBL’er policies and confirm that they are responsible and responsive to false positives. RBLs are not required to control spam. Be a good netizen and email admin and avoid using RBLs.

HTH,

Tom

Thomas W Shinder, M.D.
Site: www.isaserver.org
Blog: http://blogs.isaserver.org/shinder/
Book: http://tinyurl.com/3xqb7
Email: [email protected]
MVP — Microsoft Firewalls (ISA)

About The Author

Debra Littlejohn Shinder is a technology and security analyst and author specializing in identity, security and cybercrime, utilizing her past experience as a police officer and police academy/criminal justice instructor. She has written numerous books and articles for web and print publications and has been awarded the Microsoft MVP designation for fourteen years in a row.

Read Next

Leave a Comment

Your email address will not be published. Required fields are marked *

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top