On Thu, 12 Feb 2004, Jose Marcio Martins da Cruz wrote:
Eugene Crosser wrote:
On Wed, 2004-02-11 at 20:02, Jose Marcio Martins da Cruz wrote:
This may indicate that many spam is sent by a distributed system of
workers, and not by open relays.
If this is the case, and if this kind of way continues - the tendance
will be to have more and more IP addresses to be inserted on blacklists.
...
But if we agree that great majority of spam comes from zombies, why
should we continue to use blacklists.
We use blacklists and we have one DNS server serving rbl requests.
named process in this machines eats almost 900 MBytes of memory. Sure,
memory is cheap, disk is cheap, bandwidth is cheap - but ther's a
limit if blacklists are less efficient than other methods.
Or maybe I'm wrong.
Can you explicate further? I would have thought that zombies were
an ideal target for an RBL. They produce only spam, so there is no
problem of blocking legitimate mail and their owners do not complain
about the listing.
Of course if the IP address dynamically assigned, there is the remote
possibility that the next user will have legitimate mail, but this writer
at least believes they should forward that to an MTA with a static
address. It would be helpfull in defusing some of this controversy
if sendmail had a "dynamic IP" option which caused it to use the smarthost
if and only if the direct route was blocked. It is quite possible that
many of these users wouldn't notice the difference, and only care because
it bit them unexpectedly.
As to memory usage of BIND, by the time every possible IP address needs to
be in the RBL, memory will be cheap enough to make this possible.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg