ietf-asrg
[Top] [All Lists]

[Asrg] (no subject)

2003-08-28 13:51:26
Bill Cole wrote:

Yakov Shafranovich wrote:

According to the several messages (http://www.merit.edu/mail.archives/nanog/msg12818.html)
...........
This has implications for DNSRBLs in general including the BCP area - how to account for a DNSRBL shutting down or being unreachable due a DDOS attack.

The only implication I see is that people managing mail systems should be a little more careful about whose DNSBL's they trust.

There have been issues of technical competence, transparency, and trustworthiness raised
.........
Simply put: a DNSBL doesn't suddenly list all of 0.0.0.0/0 by accident or because of some attack on its source, it requires an intentional act of the person controlling the list. Using a list whose
operator is prone to such fits of pique is not a good idea.

It do points to that lists need to be operated in a resilient way, that we might need back-up's locally. We might also consider if it isn't time to get actors as FTC need to oversee and maybe back-up this types of lists or that the user have a responsability of maintaining its own honeypot/internal report mboxes, catching spam data, directed to the individual organisation, maintaining it's own list.

Kurt Magnusson

_________________________________________________________________
MSN 8 with e-mail virus protection service: 2 months FREE* http://join.msn.com/?page=features/virus


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg



<Prev in Thread] Current Thread [Next in Thread>