ietf-asrg

Re: [Asrg] Re: 3b. SMTP Verification - Reputation Systems and their Problems (Modified by Anne P. Mitchell, Esq.)

2004-03-08 12:46:38
On Mon, Mar 08, 2004 at 01:15:56PM -0500, Seth Breidbart wrote:
> So what is the list supposed to list?  Everybody who asks?  What use
> would that be?

Everybody who asks and conforms to the terms. Yeah I know these terms
are the problem, because "I don't like your face" should not be one
of the terms. The terms should be clear and the decisions should be
possible for everyone to reproduce.

E.g. DNSBLs that have examples of relayed emails are more trustworthy
(at first glance) than those who don't. I am fully aware that these
can be faked, but the records make it reproducible and if I cannot
reproduce the behaviour either the problem is fixed or they might
be telling lies. DNS /blacklists/ also give reputation, even if it is
negative.

> Or would it have a notation as to whether or not the list entry
> actually passed the criteria?  If so, how would that differ from not
> even listing those who didn't (other than it being less likely to be
> sued for not mentioning X than for saying "X didn't pass the
> criteria")?

The problem is that if someone is not listed, they either
a) did not try
b) failed the listed terms
c) had an ugly face
and my problems are that c) is a possibility at all.

> Why do you think such lists are bad?  Many people find them useful.

Because they are not neutral, they have stale entries and the terms
are unclear.
There are days where I receive from mail.<bigisp>.com as much (and more)
spam mails as I receive from mail.<some spammer>.com.
I have never seen mail.<bigisp>.com listed in any spam block lists. Why?
I have never gotten an answer to spam complaints and I don't notice
anything changing.
They are not listed probably because that would cause a lot of
"innocent" users to be punished by false positives. But where is the
difference to mail.<small isp>.com that gets added to the list, just
because one customer had a hacked proxy?

> Isn't that exactly how reputation works in the real world?
>
> When X tells me "Y has characteristic A" I filter that through (my
> belief in) X's credibility, X's ability to judge characteristic A, and
> other knowledge or beliefs I have about Y.

No, not in my experience. I don't believe in "wildcard credibility".
If someone brings a letter as reputation for a job as a programmer and
that letter says "I know he can look at monitors as he worked in a TV
shop and he has a nice face" all I can do is laugh about that but I'll
surely not take that into account for the decision to give him that job.

> They did.  You're objecting to their rules because you don't feel
> they're explicit enough.

Agreed ;-)

> Given that several of those are _known_ to lie, of what value is their
> certification?

It's a matter of trust. But if I really want to I can check it myself.

> If you want the ability to sue them should they be wrong about a
> listing, too bad.

I think it is ridiculous to sue someone because of expressing their
opinion if it is based on facts (like with most RBLs, that's why records
are important).
However if someone expresses their opinion as a public service (and IIRC
that is the intent of IADB) then their process of decision should be
reproducible.

> What makes them "an error in general"?  Once again, to some people,
> they're _useful_.

To some people it is useful to drink a whole bottle of Vodka in a few
gulps. To some people it is useful to smoke crack.

>>> Any service is dependent on its local law.
>> No it is not.
>
> Really?  There's some service in some location that can ignore its
> local law?  Can you give some examples?

Sure, services run by the UNO. /If/ there needs to be such a list
it should not depend on the law and influence of one country. We've
seen what happened/happens with IANA and especially ICANN.
There have to be terms of service and as e.g. ICANN is operating for
all countries connected to the Internet and it is ridiculous that
ICANN is subject to the laws of one country or even state, just because
of the fact that the headquarters is there.

> I might find that there is a correlation (probably negative) between
> their listings and spammers.

Ok. And I think they are tricking people into thinking that and that
their terms would also allow a spammer to be added if they like to.
    FINAL DECISION FOR INCLUSION IN IADB IS AT THE DISCRETION OF ISIPP.
without any limitation.

> If they all act the same way you clearly don't know very many of them.

I didn't say I know all ... I said I know enough of them and I didn't
say they all operate the same way.

> Zillions of clueless journalists and other idiots who believe them do
> not make for intelligent policies.

Right. But they show how easy it is to trick people.

    "All over the place, from the popular culture to the propaganda
     system, there is constant pressure to make people feel that they
     are helpless, that the only role they can have is to ratify decisions
     and to consume."     -- Noam Chomsky

> Then their customers lose out.  Not my problem.

Sure. That's a valid point.
But wasn't our goal to design a system that works for all? Not only
for the 1% (is it that much) of clueful admins who know what they are doing?
It's easy to have (nearly) zero spam: don't accept email from MTAs whose
admins you don't know personally and whom you do not trust to correctly
operate a mailserver. The problem is that as an ISP you will /very/
quickly lose all your customers.

        \Maex

-- 
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg


