The Trouble with Trusting RBLs

Many of us use blacklists such as those provided by Trend Micro's MAPS program as part of an anti-spam solution. However, by doing so we're adding significant risk due to ineffective (or absurd) administrative procedures on the part of the list provider. For example, a datacenter I use has IP space incorrectly listed on Trend Micro's MAPS DUL. When they attempted to have the static space removed (15 blocks totaling 159,744 IPs), Trend Micro responded that they would not remove the IPs from their blacklist unless the rDNS for every IP in the space was modified to include the word 'static'.

Trend Micro was unwilling to offer any alternative way to correct the DUL, and indicated that, since the center hadn't changed rDNS on all of the IPs, their space would remain listed, incorrectly, on the DUL.

The damage done by such mistakes is then magnified by the common anti-spam practices of either silently dropping the mail, or delivering the mail to a "Junk Mail" folder which often remains unchecked. In both cases, the sender is unaware that a problem has occurred, and that an alternate means of communication must be established.

The experience made me wonder how many blacklist consumers really understand and recognize the amount of risk they're accepting, when they trust a third-party blacklist so thoroughly that they will silently squelch communications according to that list.