Jon Kyme wrote:
From: Leif Neland
Subject: Idea: RUBL: Realtime UNblocking Lists
Newsgroups: comp.mail.sendmail
Date: Mon, 28 Apr 2003 18:47:31 +020
As you pointed out, one needs to block any IP that might be dynamically
allocated for this to work well. Even for IPs that don't change their
association frequently, periodic retesting would be required. I suppose
this might be requested by my MTA if I get an "old" response from the RUBL.
RUBL may itself implement retest policy of listed & looked up IP addresses
e.g. declare IP as clean after test for 4 months, but if anybody asks in
fourth month then send back "all clear" but schedule retest.
One issue I see is that it might falsely whitelist the output IP of
multistage relays.
RUBL (as proposed) it is not intended to detect multistage open relays.
It have a big chance to reduce number of single stage open relays "by
mistake" or "lack of proper knowledge" - if you want to send to us then
you must accept open relay tests [blocking relay tests gets more common].
There is one big problem: some people are ready to fight any "open relay
test" probes and declare them "illegal".
How big a problem would this be?
At early stages of RUBL deployment it should not not be a big problem.
Of course if we effectively block use of single stage open relays then
multistage open relays will be more valuable to spammers.
--
Andrzej [pl>en: Andrew] Adam Filip http://www.polbox.com/a/anfi/
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg