ietf-asrg

Re: [Fwd: [Asrg] Re: Documents for LMAP BOF]

2004-02-17 21:54:03
Daniel Feenberg wrote:
> On Tue, 17 Feb 2004, Alan DeKok wrote:
>> A week ago, Yakov Shafranovich <research(_at_)solidmatrix(_dot_)com> wrote:
>>> What I find problematic is that there is an existing identity in email - IP addresses. If blacklists are made to be more feature rich, possibly becoming reputation services, that might help. So I am not sure why going to domain identity or sender identity makes a difference.
>>
>> IP addresses are short-lived, and machines at an IP are being
>> hijacked to send spam.  You can't have a blacklist if one IP sends 10
>> spam in 5 minutes, and then disappears for a week.
>
> But what is the harm in leaving the IP address in the database? If
> tomorrow it isn't a spammer, it is still a dynamic IP address, and I don't
> want mail from that address, do I? And tomorrow its new address goes on
> the list.

The harm in leaving it in the database depends on the stated policies of the database operator. If the users of that list know that known dynamic addresses are being left on after they have been used and discarded, and still want to use it, that's fine. If users are told or assume that the database lists known currently-spamming addresses, then leaving dynamic addresses lying around would be bad.

> The difficult decisions in refusing mail come from IP addresses that send
> both spam and legitimate mail, such as major ISP mail servers. A dynamic
> IP address will hardly ever be the source of legitimate mail, so it isn't
> a hard decision.
> Furthermore, an individual operating an MTA on a dynamic address doesn't
> have much ability to pressure you to accept his mail. He is clearly
> capable of using mailertable to divert mail to you through his ISP, or he
> wouldn't be able to install Sendmail in the first place. And if he brings
> up confidentiality concerns, you can decide for yourself if they are
> relevant.

Confidentiality is not the only possible concern when dealing with ISP mail servers. My provider's outgoing servers occasionally experience unacceptable delays, and have occasionally been blacklisted. I'm here because I want to push forward a standard that will allow me to claim accountability for what my server sends, so that mail from it will be accepted, as it often isn't now by certain large ISPs unless I relay through my ISP's server.

> I am aware that many people feel that RBLs can't do a good job on hijacked
> PCs, but I haven't seen a convincing explanation yet. It may be that they
> haven't done a good job yet, because not all the dynamic addresses are on
> the RBLs yet. But it only takes time.

RBLs should never have to list dynamic addresses. Think about the term "real-time blackhole list". I doubt there are many addresses that shift between dynamic and static allocation, considering that that would make them dynamic by definition. All dynamic addresses belong not on RBL lists, unless they are in the middle of a spam run, but on DUL and equivalent lists.

Perhaps when we have lists of likely hijacking targets, some MTA vendor might implement security scanning against connecting clients to test for obvious signs of hijacking.

Philip Miller

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg