ietf-asrg

Re: [Asrg] Comments/Mods (2.2.1)

2008-04-01 19:41:09
Matthew Sullivan wrote:
This is going to be difficult - pasting on the first part of the section 
even though the whole section needs to be reviewed.

Currently:

2.2.1.  Listings SHOULD Be Temporary

...

    Generally speaking, listings SHOULD be considered temporary, and
    should expire on their own at some point in the future unless reasons
    for listing still exist.


Comments:

In the (currently fictional) prime number DNSBL all listings are permanent.

Note the paragraph I kept in above.

Seth could set up a "every week check to see if this IP is still prime, 
and if not, delist" process.  But I'm sure he could come up with a proof 
that if the IP is currently prime, it'll _stay_ prime, and optimize out 
the "every week..." bit ;-)

Fully in compliance either way.

In the SORBS DNSBL we have an attitude that if a listing is a problem, someone 
will query it; if not (in most cases), it is not a problem to stay listed.

It's been our experience that with effective detection, the occasional 
email that gets through before the thing relists is a smaller price to 
pay than the initial bafflement/damage incurred by someone being 
allocated the listed IP 6 months later who may have a devil of a time 
figuring out how to get out from under it.  At least with certain kinds 
of lists.

As I've mentioned elsewhere, both we (and Spamhaus) synthetically expire 
NJABL proxy entries before use (here, in the XBL respectively), because 
we could _see_ that older NJABL entries had appreciably higher FPs, and 
in my experience seemed to be borne out with SORBS proxy/socks (by 
inference and knowledge of SORBS expiration policies and sufficiently 
higher overall FPs to be of concern).

The CBL expiration interval seems extremely short compared to just about 
everything short of Spamcop, but it sure doesn't seem to suffer for it. 
  Neither does Spamcop.

Many people have used the argument over the years that DNSBLs are a 
better solution than local manual blacklists _because_ they're centrally 
managed by someone who (presumably) knows what they're doing and at 
least occasionally re-evaluates/re-assesses their listings in some form. 
  I'm sure that the people acquiring AEGIS netspace will agree, or those 
being given newly released ARIN space when faced with manually 
implemented BOGON lists.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg
