On 14-Feb-07, at 5:06 PM, Douglas Otis wrote:
This draft however recommends a delisting policy (interval) that
_specifically_ ignores the behavior of the ISP.
You are the only person who thinks that. Everyone else can see that's
not the case.
The note Matt referenced pertains to condition continuing with
respect to a _specific_ IP address.
Note that all listings being temporary does not mean that some
listings will not remain after the initial timeout period. If the
DNSBL administrator determines that the conditions for listing
still exists, then the timer for determining timeouts MAY be
renewed.
It seems to say "listing", not "IP address". I think you need
reading glasses :~)
A DNSBL listing is by IP address. This uses references similar to
a reverse IP address lookup for PTR records. Surely you know that.
We use the term "listing" in the draft to indicate a particular
listing for a particular criteria. If the criteria causes the DNSBL
to list a particular ASN for bad behaviour then the listing would
consist of the range(s) belonging to that ASN.
I have not suggested that IP addresses be grouped by ASN, only that
DNSBL delisting intervals be structured to induce the cooperation
of network providers.
That's a policy decision that the DNSBL can make. Nothing in this
draft prevents that.
Longer listings also reduce DNSBL resource expenditures, which is
appropriate when the next network provider's customer, if there is
one, is also likely to spam.
Sure. So there are two scenarios here to look at:
1) The listing is for the spammer. As long as he's spamming the
listing remains. When he stops spamming we suggest that the maximum
remaining time his IPs be listed is 6 months. Anything else is unfair
to innocent parties who end up on a spammer's old IPs.
2) The listing is for the ASN/ISP for providing service to spammers.
If the ISP stops signing up spammers then the listing will time out 6
months after the ISP stops signing up spammers. If they clean up
their act we see no reason they should continue to be blocked.
Whether the listing is for the spammer's individual IPs or for the
ASN as a whole is, and should be, ENTIRELY up to the owner of the
DNSBL. In no way do I advocate this BCP telling people what criteria
they SHOULD use for their DNSBL, that way lies madness.
______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email
______________________________________________________________________
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg