On 2/9/2004,Yakov Shafranovich sent forth electrons to convey:
I would like to pose a question to the group. The IP address of the
incoming MTA is the only sure thing that we possess today that cannot
be easily spoofed (BGP attacks aside). There are numerous blacklist
and reputation services out there that carry and store information
about IP addresses. With an LMAP-type proposal like DRIP, this
information can also be keyed by domain name.
All of this implies that reputation services such as blacklists will
continue to exist. However, a major problem has been with these
services is that they provide a binary yes/no answer.
This is incorrect; several BLs already provide a variety of answers.
The reason many BLs provide a binary answer is that the software they
run on only allows it (and can thereby be less resource-intensive). 1
bit for all of IPv4 fits in RAM on many machines, especially if
compressed...
Some that I've posited are:
SpamCop provide its spam/ham ratio.
Someone who used this IP [threatened to | did] sue me.
A spammer who used this IP owes me money. (payola.org)
The admins of this IP tell me they provide a free email service, but do
their best to police their users.
The admins of this IP tell me they provide a free email service, but do
their best to police their users.
The admins of this IP tell me they don't spam and agree to pay for any
that is sent from this IP.
AHBL has 18 response codes listed at
http://ahbl.org/responsecodes.php
DDOS attacks on blacklists have shown than reliance on DNS might not
be such good idea. Other possibilities like P2P services might be
feasible.
Some BLs have found effective ways to defend themselves, as well.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg