Let's not classify all spam blacklists as the same. UCEPROTECT is in a special class of extortionist cowboy, because it's basically just an inaccurate protection racket throwing a wide net across cloud providers who won't play their game. Some other blacklists are updated regularly and only contain IP addresses that have actually sent spam. By contrast, UCEPROTECT3 just lumps ISPs into the list even though an address has never sent spam.
I run a mail server on AWS, and we use some blacklists to drop mail. It's quite effective and that's why people keep using them. A properly curated blacklist is a powerful tool, and more accurate than the machine learning mush that people have come to rely upon.
UCEPROTECT is just horrible, full stop. Stuff like [1] read like it's written by a 13 year old. Lots more where that came from; as near as I can tell UCEPROTECT is run by a single person who is consistently vitriolic like this to anyone offering even the mildest of criticisms (supposedly multiple people have involved over the years, but their, ehm, distinct colourful personalities are so alike that I'm inclined to think it's just the same person using different aliases).
People have been complaining about this for a very long time; as long as I can remember. In the past they've also just permanently added people's IPs after complaining their IPs were wrongfully listed (not sure if they still do that).
The UCEPROTECT blacklist should be blacklisted by everyone. Yes, we need a blacklist of blacklists.
I think I understand a lot more about UCEPROTECT now that I've read the message you linked. This is pretty extraordinarily sexist and unprofessional, and you can really get a sense of how much the author despises anyone who criticizes him.
> CEPROTECT3 just lumps ISPs into the list even though an address has never sent spam.
But this is by design[0]
> This blacklist has been created for HARDLINERS. It can, and probably will cause collateral damage to innocent users when used to block email.
And it makes for a perfectly usable blocklist. If you use postfix, the postscreen_dnsbl_threshold and postscreen_dnsbl_sites parameters let you create a simple scoring system:
I made up the numbers, because you will need to monitor your system for a while to see if they make sense, but the principle holds. Also make sure that the dnsbl you are using are working for you.
But it isn't really a problem with uceprotect, it's about how DNSBLs are used.
I also run an email server. I just used https://mxtoolbox.com/ to check my status and yep, UCEPROTECTL3 is the ONLY one to have my IP range listed.
The article sums it up nicely: IP blacklists have their place, however, please don’t use the overarching neighbouring blacklists such as UCEPROTECTL2 and UCEPROTECTL3.
Spamhaus, which (as far as I can tell) is seen as the "most legitimate" blacklist is just as bad, if not worse. UCEPROTECT might be extorting you, but at least you know the name of the game. With Spamhaus, any email sender can get blacklisted for whatever nonsense rules Spamhaus comes up with – many times a set of entrapments they themselves have devised – and they have zero urgency or clarity around resolving it. "Fix the problem" they say. Okay, what's the problem? "Be a better sender." Okay, how? It's like a conversation with Yoda.
To be clear: I DON'T think blacklists are the problem. I think the problem is that a half-dozen major blacklists are controlled by unaccountable organizations who make up rules willy nilly, and privilege major email senders while punishing smaller senders / home hobbyists.
I run a mail server on AWS, and we use some blacklists to drop mail. It's quite effective and that's why people keep using them. A properly curated blacklist is a powerful tool, and more accurate than the machine learning mush that people have come to rely upon.