ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Asrg] 2a. Blacklists, collateral damage and anonymity

2004-05-05 10:35:31
from [Matt Sergeant] [Permanent Link] 
Phillip,
I get the feeling you're happy with certain blacklists. It's two issues [*] you feel stuck on: 1) Collateral damage and 2) anonymity. So I'll try to address those. 

Collateral Damage
-----------------
This is a really tough issue. There's really only one DNSBL that I support in terms of its collateral damage policy and that is the SBL. They will escalate a listing from the IP addresses sending spam to the corporate mail servers of the ISP in question if they are unable to get action from that ISP in removing the spammer. They do not do this lightly - only after making numerous attempts to contact the ISP both via email and telephone calls. Note the fact that the escalation is not to the entire ISP - just to the corporate mail servers of the ISP.
This seems to me to be a useful technique to kick spammers off the ISP. It has worked. And this level of collateral damage doesn't have too negative effect on the customers of the ISP.
However we didn't feel we could codify this technique into the BCP. Maybe we should. Instead we tried to steer towards collateral damage being the LAST resort.
We did not wish to outlaw the SBL, as it is a VERY good blacklist, and is run very well and is highly respected. Creating a BCP which outlawed the SBL would have a far greater negative effect than creating a BCP which allows it to escalate listings.
If you do not feel we are currently doing so in this BCP then please help us strike a middle ground instead of declaring the BCP pointless. 

Anonymity
---------
We did not wish to prevent anonymity in the BCP because it provides useful protection to the people who run these services. This has become necessary not because what they are doing is illegal, but because the cost of even a failed lawsuit in the US is too much for the creators of the blocklists to bear.
So there's a rock and a hard place. A good blocklist like the CBL is anonymous for the reason above (and other reasons). And yet it only lists insecure machines for a short temporary period. It stops varying amounts of spam for people (in the range of 40% to 80%) with practically zero false positives. Having the CBL around makes internet email much better than not having it.
Do I wish that these blocklists could all be public facing and not anonymous? Absolutely! But the reality of your litigious society has ensured that this is becoming more and more difficult.
I cannot comment on the legality or otherwise of being anonymous and anyone else who cannot comment on it (because they are not lawyers) should not. 

Matt.

[*] Feel free to correct this if I'm assuming wrong.


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email ______________________________________________________________________ 

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] draft-irtf-asrg-bcp-blacklists-00, Seth Breidbart
Next by Date:  Re: [Asrg] RE: Analogies, Dr. Jeffrey Race
Previous by Thread:  [Asrg] RE: Analogies, Hallam-Baker, Phillip
Next by Thread:  Re: [Asrg] RE: Analogies, Dr. Jeffrey Race
Indexes:  [Date] [Thread] [Top] [All Lists]