ietf-asrg
[Top] [All Lists]

Re: [Asrg] Comments on draft-church-dnsbl-harmful-01.txt

2006-03-31 17:57:12
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Laird Breyer wrote:
On Mar 31 2006, Chris Lewis wrote:

We're a business, and the contracts are worth a _lot_.  So the incentive
to report, since the senders will get almost immediate notification, is
very high.

That is an important point, and you're in the best position to judge
it, but people can't report what they don't know might be occurring,

That's the point - they _do_ know it's occuring.

whatever the incentive. So claiming incentive as an argument for the
success of dnsbls won't (and really shouldn't) sway standards committees.

You're missing the intent.  The intent is to show that our FP statistics
have pretty strong validity, full stop.  In that, it should sway those
wanting such statistics as proof/disproof of the success of DNSBLs.

Even if you don't accept the transferance of such numbers to other
environments, it still demonstrates proof of the effectiveness of DNSBLs
in at least some environments.

While I expect you are well aware of this, it still leaves you (and us
here) with the need to perform a more direct investigation to back up
the claim.

Moreover, it is simply not true also to argue that if dnsbls are likely to
be helpful in the latter case because of the incentive argument and a
low complaint rate, this therefore should imply that dnsbls are likely to
be helpful in the former case too.

But it is true in terms of demonstrating the FP level of a given DNSBL -
that's going to at least have some implications for "lower value"
scenarios that don't have notifications.

Certainly better than a hand-picked insignificantly small sample.

It simply isn't possible to generate statistical accuracy in this field.
 Spam/Ham collections large enough to be useful can't be generated
timely enough to give accurate measures of real-time reputation systems.

I should point out that we ALSO have full quarantine of all blocked
email that the recipients can examine.  There's an insignificantly small
number of FPs reported that way.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3-nr1 (Windows 2000)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iQCVAwUBRC3LdJ3FmCyJjHfhAQJU9AQA2K5ndL9B/xmFzIq8CZXW54AiFpjmO+gR
6ljPwmjlrysUPaSyTtbxJ6nfgs1aM36zlm5n3yTTiL9c2Y2hwr+FpZw43STNB9lG
cfD4SKiUhVzLoTFCdDCoGQxCSWvSnlWq/cz6KUBFTBPv94cXFIE26LkAp8leemDh
9SU1RB+EnN0=
=ZjoO
-----END PGP SIGNATURE-----

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg

<Prev in Thread] Current Thread [Next in Thread>