Re: [Asrg] Re: Asrg Digest, DNSBL BCP v.2.0

On Mar 2, 2007, at 5:01 PM, gep2(_at_)terabites(_dot_)com wrote:

> As you know, in a recent thread I commented on what a LOUSY  
> solution IP-address-based blacklists are, in general.
> Part of the problem is that it is a VERY blunt instrument,  
> especially for companies which operate a large network from behind  
> a NAT router.
> Well, I've recently been personally involved in trying to put out  
> just such a fire at one of my consulting clients.
Well, I recently presented a proposal that would have eliminated most  
of the damage that you experienced. But you trashed my proposal  
simply because it was based on blocking IP addresses.
You need to realize that blocking IP addresses that are sending spam  
is one of the most effective and least costly tools admins have for  
stopping the bulk of the spam tide. Even in your case, there was spam  
coming from your IP address and blocking that address stopped the  
spam and got your immediate attention. The problem as I see it is  
that the current blacklists are too slow to remove the blocks once  
the spamming has been stopped so there is no reward for quickly  
cleaning up or shutting down the infected PC.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg