Announce mailing list
Hosting is generously provided by Sonic.net
Frequently Asked Questions
Connect to the route server(s) with BGP, then feed the two lists to two
different mechanisms. The two lists are marked with different BGP
Communities, so you can easily determine which is which.
- 65066:42 - whitelist.
These are entries that are semi-trusted, and may be used to bypass your
greylisting. Of course, they are not guaranteed to not be spammers, so
you should still use content-based methods to check.
- 65066:666 - blacklist.
These are entries that sent mail to a "spam trap" address, and
are considered spammers.
It may be tempting to simply nullroute or blackhole all members in the
You don't want to.
By blackholing them, you have no knowledge if they are continuing to
send you mail, or of telling them that they are blacklisted. If they
are a legitimate email server, the email administrator on the sending
side can detect the rejects and fix the source of spam.
Additionally, letting them get "451-try again later" for 24
hours wastes more of their resources than letting see a tcp timeout.
While clients are able to connect and fetch this feed, any addresses
submitted WILL be rejected. Addresses will only be added to this list
from a very restricted set of upstream servers. Each upstream server
will be vetted by the Route Server administrator, and agrees with the
Whitelist entries are IP addresses that have sent a minimum of 10 emails
in the last 75 days. These values are to make it more difficult for a
system sending spam to be accidentally whitelisted.
Blacklist entries are IP addresses that have sent an email to a SPAMTRAP
email address within the last 24 hours. ONLY the specific IP address
that sent the email will be listed.
Our goal is to distribute entries that we are
confident are "real" mailservers based on the information in the
The advantage of this is that "likely good mailservers" mailservers communicating
regularly with any participant will not be
subjected to greylisting delays at all participants.
We WILL NOT list netblocks of
any size, just because a "neighbor" sent any amount of
messages to a SPAMTRAP email address.
The Route Server is configured to reject any address on the White list or
Black list that is not a host-specific entry.
In short: They will not be changed.
Clients are required to not modify their routes, based on the received information.
The next-hop entries distributed are bogus, and non-sensical for your
network. Our distribution mechanism (BGP) requires a next-hop entry,
and these are currently set to the originating server.
All clients are able to connect and use this feed without registering, and
without requiring a dedicated AS assignment.
We do allow connections from non-direct connections, and even through
NAT. Due to technical reasons, we only allow ONE connection from an IP
address at a time.
Client systems will NOT be allowed to add any addresses to this feed. All
such entries will be rejected.
Commercial entities are allowed to use this list, HOWEVER they
should be aware this service is considered experimental and may be closed
at any time. Commercial entities are requested to contact me before
using, to be a "Good Neighbor".
Yes, non-OpenBSD clients can use these lists. While we do not have
specific configurations yet, a client would need to:
Please let us know how to configure any additional software to use these
lists, and we will add them to the site.
- Fetch lists using BGP
- Extract entries marked with the Whitelist Community, and feed these addresses to their Whitelist mechanism
- Extract entries marked with the Blacklist Community, and feed these addresses to their Blacklist mechanism
In short: No
This is a network-based solution, intended to block the
low-hanging fruit of spam. Content based scanning is still recommended.
For the reference server implementation, I wish to be very conservative.
If you have a large list (i.e. have more than 20k entries each on your
White list and Black list) AND agree to our selection criteria,
please contact me so we can discuss this in more detail.