AST night, Brad Templeton pointed out that mail servers which run autoresponders or challenge/response filters could get blacklisted by spamcop.net. This is a database-driven Web site, which various spam filters rely on as a knowledgebase-type service. It also banned our LUG‘s mailing list earlier today.

I have been aware of the problems with such anti-spam tactics for quite some time, but never thought it could lead to this. As some commenters pointed out, other services may indirectly abolish anti-spam practices such as challenge/response, as well lead to banishment from people’s inboxes. Put in Brad’s words:

I learned a couple of days ago my mail server got blacklisted by spamcop.net. They don’t reveal the reason for it, but it’s likely that I was blacklisted for running an autoresponder, in this case my own custom challenge/response spam filter which is the oldest operating one I know of.

My personal solution, as posted in reply to the article, is to use a spam filter ‘on top’ of the challenge/response component. The intent: lowering the amount of challenges. One can reduce the likelihood of banishment in this way, as well as become less of a nuisance to the Net. In other words, it is possible to rule out cases when messsages are rather obviously spam. It leads to lower volume of messages being dispatched, which in turn can avoid blacklisting.

I use SpamAssasin, which is active at a layer higher than challenge/response (in this case Apache with BoxTrapper). Whatever gets scored as spam will be put aside in a mail folder which is reserved for spam. Only messages not marked as spam (and not in the whitelist either) will have a challenge delivered. This cuts down the number challenges by about 70% in my case. It never entails any false positive because I set the thresholds rather high.

This entry was posted on Wednesday, January 4th, 2006 at 4:18 pm and is filed under Cyberspace, Mail, Security. You can follow any responses to this entry through the RSS 2.0 feed. Both comments and pings are currently closed.