ietf-asrg

Re: [Asrg] Round one modifications to DNSBL BCP draft.

2008-03-31 19:22:38
Douglas Otis <dotis(_at_)mail-abuse(_dot_)org> wrote:
On Mar 31, 2008, at 11:44 AM, Seth wrote:
Douglas Otis <dotis(_at_)mail-abuse(_dot_)org> wrote:

Will information be added related to warnings regarding network
provider associated address space about to be listed?

I hope not.

Why do you keep assuming that only things that _have_ network  
providers can be listed?  Who is the "network provider" for a  
"Mailer-agent" header DNSBL?

Any IP address used by bad actors for sending UCEs or other types of  
abuse is being routed by a network provider.

Which network provider would you recommend notifying about an entry
that says "X-Mailer: CloakedSender" is a spam indication?

If you want to notify the providers for the emitters of all the spam
you get, feel free.  But you aren't going to get others to believe
that doing so is a requirement on them.

In addition, the network provider is in the  
unique position of being able to curtail the abuse immediately.

Tell me again, which provider can curtail the use of "X-Mailer:
CloakedSender" immediately?

How can a BL operator establish relationships with millions of a
network providers' customers, without expecting network providers to
intercede?

How do you define "establish relationships"?  If I publish
dnsbl.noprimes.org, have I established relationships with all users of
prime-number IP addresses?

Only network providers can establish AUPs,

Anybody can establish an AUP for his own property.  Lots of web boards
have AUPs without being network providers.

While few black-hole/block list operators are able to coordinate
with network providers and thereby prevent abuse at the source, _no_
other approach is as effective or as robust.

So you claim; but so what?  Why should there be any obligation on
anybody based on your claim (even if true) that something is the most
effective or robust approach?

A level of trust is required between the BL operator and the network  
provider to be both effective and to improve safely.

Since many network providers are quite untrustworthy, that alone is
reason to avoid notifying those you don't know.

 Defining a BL mode of operation that asks the least of the network
operator, also does the least in terms of curbing abuse.

Nobody else is obligated to act according to your beliefs about what
is the most effective.

Currently, few BLs rate domain names.

So?  This isn't a democracy with each BL having one vote.

IP addresses resolved by the  
name or used by the name server may serve as a reference identifier.

Especially for those domains hosted on zombies with 60 second TTLs.

In many cases, only the network provider can be identified as being  
associated with the address space in question.

In many cases, nobody can be.

This is simply not true, or the packet could not be routed.

What is the address space for "X-Mailer: CloakedSender"?

Will there be any recommendation regarding the notification of  
listings?

The listing is its own notification.

No. The goal is to stop the abuse at its source.

Whose goal?  Nobody else is required to act according to your goals.

My goal is to identify prime numbers.

 As such, prior notification of a listing given the network provider
can then be directed to their customer.

Lots of things "can be".  The fact that something "can be" does not
suffice to create obligations.

Seth
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg