[afrinic-anti-spam-discuss] DNS whitelisting

Graham Beneke graham-ml at apolix.co.za
Tue Oct 2 22:12:43 SAST 2007 

Hari Kurup wrote:
> Graham Beneke wrote:
>> The whitelist currently contains most of the major mail servers in South
>> Africa as well as a number of smaller servers from around SA and the
>> rest of the continent. 
> 
> Maybe I don't fully understand it quite well. What criteria did the
> "major mail servers" pass in order to have the privilege of being on
> your whitelist?
> Blacklisting uses exclusion (based on spam reports, etc.) while
> whitelisting uses inclusion based on what exactly?

Up to now my listing criteria has been very relaxed:
As soon as my mail server receives one legitimate mail from a specific 
IP address then that IP gets onto the whitelist. Surprisingly - that 
approach has been very reliable in determining the legitimacy of SMTP 
senders and I have only had to remove about 3 IP's when spam complaints 
are later made.

This reinforces my theory that that most of the spam being sent today 
originates either from botnets or from abandoned mail servers that are 
not being used for legitimate mail anymore.

I am looking at a slightly more structured set of listing criteria and 
you are welcome to give your input:
* Valid server setup (correct rDNS entries and the like)
* Reliable and efficient unsubscribe mechanisms if it is a bulk server
* Peer trust mechanisms whereby mail administrators in "good standing" 
can nominate and vote in favour of a specific servers
* Server owners required to provide an abuse contact for each listed 
server and make a commitment to resolve spam complaints or face removal 
from the whitelist
* Probational periods where servers are listed on a low trust list and 
gradually moved to higher trust lists for every month of complaint free 
operation

I consider auto-responders and mail delivery failure messages that are 
falsely addressed to be mail abuse and the 3 removed IP's were removed 
for that exact reason.

-- 
Graham Beneke
Apolix Internet Services
E-Mail/MSN/Jabber: graham at apolix.co.za   Skype: grbeneke
VoIP: 087-750-5696                       Cell: 082-432-1873
http://www.apolix.co.za/

More information about the anti-spam mailing list