ietf-asrg
[Top] [All Lists]

RE: [Asrg] A New Plan for No Spam / DNSBLS

2003-04-26 18:22:36
It is very odd that each time someone posts a message like this defending
blacklists the message itself comes back to demonstrate the points being
raised.

Vernon and others have pointed out other errors/problems that I agree

Vernon has made himself irrelevant to this discussion. 

First, you inaccurately use inflammatory words to describe DNSBLs.
For example, instead of using the term "vigilante" to mean "taking the
law into your own hands", you define "vigilante" as being
"unaccountable". 

No, I use the term to mean taking the enforcement of rules, whether
legislative or not into their own hands. The vigilantes from the
US racist south were not taking the 'law' into their own hands when
they lynched blacks, they were imposing their own rules on society
through force.

You claim that DNSBLs are being coercive ("*forcing* to act or
think in a certain way"), and as a censor ("some sort of
official/authority that defines objectionable material").

The description of collateral damage given by all the blacklist
sites is a description of a program for coertion.

The reason given for the verisignlabs listing was specifically to
attempt to force us to cause the ISP to change their policy
wrt another customer. 
 
DNSBLs can not force anyone to do anything and any authority given to
them is by consensual users of the DNSBL.

The ISP can consent, but what about the users of the ISP? In most
cases the users have no knowledge of the fact that a blacklist is
even in use.

Their widespread use indicates that many receivers of
email have confidence in at least some DNSBLs.  

Very few end users know that blacklists are in use.

You claim that "Unfortunately the majority of blacklist operators
appear to consider themselves beyond accountability."  DNSBL operators
do not *NEED* to be accountable to anyone other than people who use
them, and those people can freely choose to stop using a DNSBL if they
want.

Ah as we see, cannot quite keep up the pretence. So there is no
need for accountability then and sysops at ISPs are the ultimate
arbiters not the actual end users.

You claim that "In one recent incident one of the blacklists listed
the entire nation of China. Another blacklist listed UUNET, one of the
largest ISPs in the US including all its customers in an attempt to
force UUNET to shut down a Website run by a UUNET customer."  You have
made these claims before, but you have never documented them in any
way.  There are certainly DNSBLs that block all of china (and many
other regions of the world, for that matter), but the only ones I know
are very explicit about what they are doing. 

Ah so racism and bigotry are alright if we are up front about it?

If you go through Vernon's web site you will find a page where he 
suggests that people block all mail from ISPs that provide free 
Internet email hosting. I don't think we need to take Vernon's other
statements in this respect at all seriously, he is clearly not
a credible person on this subject.

Thirdly, in the "BEST PRACTICES" section, you talk about creating some
sort of "common agreement on best practices for blacklists setting out
criteria for issues such as notice to the listed parties, appeals
processes and the acceptability of `collateral damage'."  This is both
unnecessary and undesirable.

It is unnecessarey because DNSBLs can not force anyone to do anything,
their only authority comes from others who freely choose to use them.

Again, this is a very sysop centric view of the world. I do not believe
that system or network operators are the ultimate arbiters of the 
Internet.

The 'right' that appears to be being defended here is the right of
sysops to make decisions on behalf of their users with no 
accountability.

Finally, you include DNSBLs as part of your overall spam solution.
You say that it is better to use them as one factor in the filtering,
rather than a straight accept/deny system, and I can agree with that.
However, that choice is really up to the organization receiving email
to decide.  I find it very strange that you would spread so much FUD
about DNSBLs and then turn around and say that they are part of the
solution.

I do not beleive that the attempt to coerce others into forcing their
ISPs to behave in certain ways is an acceptable solution.

Blacklists may be able to play a part in the solution but I have yet 
to see one run in a responsible way for very long. Other agendas 
seem to have their way of making their way in.

I don't see much encouragement when anyone who raises valid complaints
against blacklists gets the sort of treatment that Fox News reserves
for the token liberals that appear, "You have made statements critical
of blacklists, why do you hate America and when will you stop giving
support to Osama Bin Laden and Saddam Hussein?

                Phill


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg