Blacklists: The new neighborhood watch

Jul 18, 2003

E-mail blacklist operators turn the Internet into a gated community

The DNSBL (DNS-based blacklist) concept is simple. By default, mail servers are configured to accept all incoming connections; DNSBL-enabled mail servers can put each connection on hold and consult one or more blacklists. If the sender’s IP address is blacklisted, the mail server has the option of hanging up on the sender before the questionable mail is received.

Operators of DNSBLs, including spews.org, spamhaus.org, and spamcop.com, feel the best way to stop spam is to keep spammers from connecting to targeted mail servers in the first place. Users are not inconvenienced, and bandwidth is conserved. Blacklisted senders can deliver no e-mail whatsoever to servers or recipients that block blacklisted addresses. It seems like an ideal solution.

But blacklists have been controversial from the jump. Humans have to maintain the blacklists, just as humans manage the lists of URLs blocked from sensitive (or working) eyes with Web filters. Blacklists are therefore subjective, and opponents argue that the DNSBL arbiters are activists who brand harmless and valid e-mail as spam. Blacklists are maintained partly by consensus — subscribers to the lists submit candidates for inclusion — but in the end, someone has to decide whether a suspect is guilty or innocent.

By unfortunate necessity, the brush used to tar spammers is awfully wide. If you do find yourself erroneously blacklisted, you can plead your case to the list maintainers via e-mail or an automated Web site. They’ll remove your address range from the list if you are listed improperly. Of course, it takes longer to get removed than it does to get listed.

If you innocently swim in the same pond as a spammer, the only way to get clear is to have your Internet provider kick the spammer off its network. Blacklist maintainers’ systems immediately notify affected providers of new listings on their network. Most providers don’t want spammers on their service, and the blacklists help them focus their investigations.

Refusing connections from blacklisted addresses is purely voluntary; blacklists have no effect on mail servers that don’t consult the lists. Almost all open-source Unix mail servers, including the popular Postfix and Sendmail, can consult the blacklists with simple configuration changes. Commercial mail software either includes blacklist support or offers it as an add-on — MDaemon, for example, is a commercial server with standard blacklist support — and several vendors sell spam filtering for Microsoft Exchange.

In truth, most blacklist users simply mark e-mail from blacklisted senders as suspect but still deliver it. Marked messages can then be discarded by users themselves. In the end, it’s their choice.
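
The connection-time check from the first paragraph and the mark-instead-of-reject choice from the last, as an added example that is not from the original article. It goes slightly beyond the text by showing the usual DNSBL query convention (reversed IPv4 octets under the list's zone, with an answer in 127.0.0.0/8 meaning "listed"); the zone names, the `X-DNSBL-Listed` header, the reply text and the sample DNS data are all constructed for illustration.

```python
import ipaddress
import socket

def dnsbl_query_name(ip, zone):
    """192.0.2.10 checked against zone Z becomes the DNS name 10.2.0.192.Z"""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def system_resolver(name):
    """A record for name, or None. Lookup failure is treated as 'not listed'
    (fail open), so a dead list cannot block all mail."""
    try:
        return socket.gethostbyname(name)
    except socket.gaierror:
        return None

def listed_on(ip, zones, resolve=system_resolver):
    """Zones that list ip. Only an answer in 127.0.0.0/8 counts as a listing;
    any other address (e.g. a wildcarded or parked zone) is ignored."""
    hits = []
    for zone in zones:
        answer = resolve(dnsbl_query_name(ip, zone))
        if answer and ipaddress.IPv4Address(answer).is_loopback:
            hits.append(zone)
    return hits

def smtp_decision(ip, zones, policy="tag", resolve=system_resolver):
    """policy='reject': hang up before the mail is received.
    policy='tag': deliver, but mark the message so the user can filter it."""
    hits = listed_on(ip, zones, resolve)
    if not hits:
        return ("accept", None)
    if policy == "reject":
        return ("reject", "554 5.7.1 %s is listed on %s" % (ip, hits[0]))
    return ("accept", "X-DNSBL-Listed: " + ", ".join(hits))  # hypothetical header

# Constructed sample data: hypothetical zones, documentation-range addresses.
ZONES = ["bl-a.example", "bl-b.example", "bl-c.example"]
FAKE_DNS = {
    "10.2.0.192.bl-a.example": "127.0.0.2",
    "10.2.0.192.bl-b.example": "127.0.0.4",
    "7.100.51.198.bl-c.example": "203.0.113.5",  # not 127/8, so not a listing
}
fake_resolve = FAKE_DNS.get

if __name__ == "__main__":
    for ip in ("192.0.2.10", "198.51.100.7"):
        for policy in ("reject", "tag"):
            print(ip, policy, smtp_decision(ip, ZONES, policy, fake_resolve))
```

Passing `fake_resolve` keeps the run offline; leaving the `resolve` argument at its default sends real DNS queries for whatever zones are supplied.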