On Mar 30, 2008, at 7:51 PM, Steve Atkins wrote:
On Mar 30, 2008, at 10:29 PM, Douglas Otis wrote:
This message is posted on behalf of Dave Rand.
While Dave often has a unique perspective, I'm slightly concerned
that anyone would interact with the ASRG in a write-only manner. If
Doug represents Trend Micro policy, he can present and discuss it
here himself. If this is, instead, a private observation from Dave,
it might be better if Dave were to present it as a private
observation himself, rather than as a statement presented by an
employee.
Several subscribers on this list made comments concerning policies
used by MAPS. Dave Rand was requested to comment since he has more
than a unique perspective. Please note he has also offered his
contact information.
The RBL(tm) is a *fully manual* process. No automation. It is the
"list of last resort". It is used to stop spam coming from
*persistant* spam sources - ones that have been brought to the
attention of the service providers, and that the service provider
has ignored.
That seems to clash with past statements of the MAPS RBL team. IIRC,
the RBL was intended to punish those who, in the sole discretion of
the RBL staff, "support spam" in some vague, abstract way. It was
not intended solely to actually block or stop spam. Listings were
punitive, and intended to cause business damage, not to actually
block spam, and there was no consistent policy or oversight.
Of course, any listing might be seen as punitive by the network
provider. Listing depends upon observed abuse and inaction by the
network provider. That has not changed. Assessment information is
being bolstered, and remains a work in progress. The fundamentals
have not changed, but these are not found this draft. : (
There is only one confirmable entity able to abate spam, the network
provider. Efforts might be measured over an aggregate of advertised
address space. Tools available to the block/black-hole list operators
are modest compared to that of the network provider. When a majority
of advertised address space appears involved in high levels of abuse,
consolidation of these portions may occur. Before there is any
listing published, the co-operation of the network provider is
sought. Only the network provider is able to abate abuse, where this
indeed may involve removing access. Removing access may also be seen
as negatively affecting business. But of course, so might high levels
of email abuse.
-Doug
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg