ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Round 2 of the DNSBL BCP

2008-04-01 12:17:29
from [Matt Sergeant] [Permanent Link] 
On 1-Apr-08, at 1:07 PM, Chris Lewis wrote:


2.1.  Transparency

   A DNSBL SHOULD carefully describe the criteria which are the cause
   for adding, and the criteria for removing an IP address or domain
   name on the list.


Here we talk about IP addresses or domain names. I think we should  
stick with "Listing" or "Entry".

And did you add something somewhere about how a Listing/Entry might  
map to >1 "thing" in the list? e.g. a range/ASN/whatever?


2.2.1.  Listings SHOULD Be Temporary


Much improved.


2.2.3.  Removals SHOULD Be Prompt


Also much improved.


3.3.  DNSBLs SHOULD Provide Operational Flags

   Most DNSBLs follow a convention of entries for IPs in  
127.0.0.0/8 to
   provide online indication of whether the DNSBL is operational.  In
   other words, the result of a DNS lookup will be in the range of
   127.0.0.1 through 127.0.0.255.


I don't think this "in other words" fits. The first talks about  
operational entries, the second talks of results. And the first talks  
of a /8 and the latter the /24.


  Many DNSBLs arrange to have a query
   of 127.0.0.2 return an A record indicating that the IP is  
listed, and
   a query of 127.0.0.1 return no A record (NXDOMAIN).  When both of
   these indicators are present, this indicates that the DNSBL is
   functioning normally.  See [DNSBL-EMAIL].

   Other results, such as 127.0.0.3, may have different meanings.   
This
   operational flag usage and meaning SHOULD be published on the  
DNSBL's



Lewis & Sergeant        Expires September 2, 2008               
[Page 10]
Internet-Draft                  DNSBL BCP                     March  
2008


   web site.

   Some mail systems are unable to differentiate between these various
   results or flags, however, so a public DNSBL MUST NOT include
   opposing or widely different meanings -- such as 127.0.0.23 for
   "sends good mail" and 127.0.0.99 for "sends bad mail" -- within the
   same DNS zone.


Not sure why this is a MUST NOT. If people are dumb enough to use a  
mixed list in a broken way they get what they deserve. What's the  
justification?

Matt.


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Round one modifications to DNSBL BCP draft., Andrew D Kirch
Next by Date:  Re: [Asrg] Round 2 of the DNSBL BCP, John Levine
Previous by Thread:  [Asrg] Round 2 of the DNSBL BCP, Chris Lewis
Next by Thread:  Re: [Asrg] Round 2 of the DNSBL BCP, Chris Lewis
Indexes:  [Date] [Thread] [Top] [All Lists]