ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] Round 2 of the DNSBL BCP - "collateral damage"

2008-04-01 23:46:53
from [Andrew D Kirch] [Permanent Link] 
Steve Atkins wrote:


At which point if an opm admin added an IP address to the list,
mail was blocked. If they removed the IP address, mail stopped being
blocked.

The operator of an email blacklist can cause email to be blocked
by a direct action of theirs. 

But only so long as the MTA admin, enduser, or intermediary using the 
DNSBL, continues to use us.  I had an experience with Google's Gmail 
servers roughly a year ago where the GMail servers were being used to 
propagate advertisements for a child porn site.  After several hours 
attempting to contact GMail's postmasters via e-mail, friends who knew 
Google employees from Summer of Code, and calling their corporate 
operator trying to get someone in GMail abuse,  I gave up, and RHSBL 
listed gmail.com, and added the individual IP's that sent this spam to 
the DNSBL.  I had several of our users e-mail us asking us if we were 
out of our minds to list GMail, I replied with samples of the CP spam 
we'd gotten from GMail.  Some of these users stopped using the AHBL 
because of this.

I think this scenario is apropos here for several reasons.  One: none of 
these blocks were intended to cause "collateral damage".  I listed a 
domain where I had almost 2 dozen spam sources for child porn, and the 
domain used to spamvertise the child porn.  I say that this didn't cause 
collateral damage because what was blocked was the source of spam, and 
the source of spam alone.  No reasonable person however will look at 
this and say that ham was blocked because of this.

Also this is a situation which disproves the concept that blacklists 
block e-mail.  Our ability to block e-mail begins and ends on the user 
of our list's server.  We have no ability to dictate what the user does 
with our list, or when the user enables, or disables filtering based on 
our list.  It even stands to reason that there are users out there who 
so detest DNSBL's that they whitelist based on our content.  One must of 
course accept this, and move on.

For those that are curious, one of my volunteers did get ahold of a SoC 
volunteer who got her to an exec at Google, and then to an abuse role at 
Gmail to stop the CP spam.  Approximately 17 hours after I placed the 
initial blocks they were removed.

Andrew
AHBL.org
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Round 2 of the DNSBL BCP - "collateral damage", Martin Hannigan
Next by Date:  Re: [Asrg] Round 2 of the DNSBL BCP - "collateral damage", Frank Ellermann
Previous by Thread:  Re: [Asrg] Round 2 of the DNSBL BCP - "collateral damage", Steve Atkins
Next by Thread:  Re: [Asrg] Round 2 of the DNSBL BCP - "collateral damage", John Payne
Indexes:  [Date] [Thread] [Top] [All Lists]