By Neil Schwartzman
Senior Director, Security Strategy, Receiver Services
Last week I wrote about how the sender community needs to be engaged and involved in the fight against spam. In particular, anyone who cares about the future of email needs to be very concerned about spammers who use “zombie” computers to send their messages.
Many senders wonder what action steps they can take to help in this fight. Spamhaus has launched a new Policy Block List that is intended to be a point of demarcation between IP addresses legitimately and illegitimately sending mail. Want to help the global fight on zombies and botnets? Join the list.
The Spamhaus PBL is pretty simple. Network managers are able to self-specify those IP ranges under their control that are not supposed to be sending email, and all their other IPs will be considered to be legitimate sources of mail. If you do not control your own IP addresses, encourage whoever does (your email service provider or other vendor) to provide their data to the PBL.
If your provider makes a mistake, senders can easily de-list up to a /32 from the PBL; the URL to do so should be found within any error messages you receive.
We expect that in these early days, receiving sites will only use the PBL to tag — but not block — email. In fact, Spamhaus is encouraging receivers to use it this way. They realize that full adoption by the legitimate sending community will take time. But, obviously, receiving sites will eventually begin to use it to block IP ranges not appearing there.
Clearly, it is going to be in your best interest to get on this list, and sooner rather than later. But, again, the real benefit here is to the entire email community. By working together with Spamhaus in an effort to distinguish their legitimate email stream from illicit ones, senders can be part of the solution to the spam and phish problem.
To learn more — and to sign up! — visit http://www.Spamhaus.org/pbl/.