On 9-Feb-07, at 9:03 PM, Douglas Otis wrote:
A period that represents typical IP ownership is not likely 6
months. Many of these systems are compromised and can be
retasked to send spam once the IP address drops off a popular
block list. How is 6 months reasonable for a long listing? Why
not state a goal rather than setting some arbitrary period not
based upon any information or rationale.
The goal is stated. If it needs to be clarified we should do that.
DNSBL operators should mimic Spamhaus policies? Don't suggest
there is some magic period.
Our belief: There needs to be a sensible maximum time of listing
should the entry no longer meet the listing criteria.
We think 6 months is a sensible maximum. This BCP is in NO WAY
suggesting that an IP/range shouldn't ever be listed for longer than
6 months, but that if your listing criteria are no longer met then the
entry should time out after a maximum of 6 months.
Clearly we can state this better. I'll try and get Nick to use
something from the above paragraph.
Publicly listed messages likely represent a sacrificial source.
There lies the rub. What happens when a spammer has an above
average IQ? You're listed, but we can show you why?
Do you have an objection to this point being a SHOULD? Clearly
DNSBLs maintain and even display audit trails and retain
effectiveness. I'm lost by your argument here. The point of this
section is that an audit trail is a valuable thing when there's a
complaint about a listing, or some other issue, so even if it's
not public the audit trail really should exist.
An audit trail should exist. There are considerations not covered
in this draft about what can be made public. Those considerations
should be included. This could brace users when they hear
something that they don't want to hear. "I can't show you the
message."
Good point. How about:
A DNSBL SHOULD maintain an audit trail for all listings and it is
RECOMMENDED that it is made publicly available in an easy to find
location, preferably on the DNSBL's web site. Please note that
making audit trail data public does not entail revealing all
information in the DNSBL administrator's possession relating to the
listing; e.g., a DNSBL administrator MAY make the audit trail data
selectively accessible in such a way as to not disclose information
that might assist spammers, such as the contents of an email received
by the DNSBL's spam trap.
Matt.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg