ietf-asrg

Re: [Asrg] Re: DNSBL BCP v.2.0

2007-02-12 11:24:54
Matt Sergeant wrote:
On 9-Feb-07, at 9:03 PM, Douglas Otis wrote:

A period that represents typical IP ownership is not likely 6
months.  Many of these systems are compromised and can be retasked
to send spam once the IP address drops off a popular block list. 
How is 6 months reasonable for a long listing?  Why not state a goal
rather than setting some arbitrary period not based upon any
information or rationale?

The goal is stated. If it needs to be clarified we should do that.

DNSBL operators should mimic Spamhaus policies?  Don't suggest there
is some magic period.

Our belief: There needs to be a sensible maximum time of listing should
the entry no longer meet the listing criteria.

We think 6 months is a sensible maximum. This BCP is in NO WAY
suggesting that an IP/range shouldn't ever be listed for longer than 6
months, but that if your listing criteria are no longer met then the
entry should time out after a maximum of 6 months.

Clearly we can state this better. I'll try and get Nick to use something
from the above paragraph.

Good idea.  I can see that that section is being misunderstood.

Publicly listed messages likely represent a sacrificial source. 
There lies the rub.  What happens when a spammer has an above
average IQ?  You're listed, but we can show you why?

Do you have an objection to this point being a SHOULD? Clearly DNSBLs
maintain and even display audit trails and retain effectiveness. I'm
lost by your argument here. The point of this section is that an
audit trail is a valuable thing when there's a complaint about a
listing, or some other issue, so even if it's not public the audit
trail really should exist.

An audit trail should exist.  There are considerations not covered in
this draft about what can be made public.  Those considerations should
be included.  This could brace users when they hear something that
they don't want to hear.  "I can't show you the message."

Good point. How about:

   A DNSBL SHOULD maintain an audit trail for all listings and it is
   RECOMMENDED that it is made publicly available in an easy to find
   location, preferably on the DNSBL's web site.  Please note that
   making audit trail data public does not entail revealing all
   information in the DNSBL administrator's possession relating to the
   listing; e.g., a DNSBL administrator MAY make the audit trail data
   selectively accessible in such a way as to not disclose information
   that might assist spammers, such as the contents of an email received
   by the DNSBL's spam trap.

I like.  Just change the last "the" to "a".

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
