Rich Kulawiec wrote:
On Fri, Apr 04, 2008 at 10:43:51PM -0400, Chris Lewis wrote:
Personally, I think that collateral damage is a reasonable term, and
all of the dnsbls don't block mail weasel wording is counterproductive,
since we're talking about policy, not code.
Collateral damage is a loaded term, and carries a lot of baggage from
outside of the Internet. I think we have to both mention it (so that
some people know what we're talking about), but at the same time try to
partially neutralize the extraneous knee-jerk reaction.
Let me add two other things to this that haven't come up before.
1. "Collateral damage" is a Vietnam war-era euphemism for unintended damage
during a military operation. I'm guessing that's the baggage you might have
been referring to.
Yup.
DNSBL listings or their usage are incapable of causing any
damage: they don't conduct DoS attacks, for example.
Simplistically, listing something for spam when you know it will result
in non-spam being affected is both collateral and damage.
I think you're saying it's moot, because if the DNSBL operator does make
a clear statement of the degree that a listing may encompass non-abusive
behaviour (the collateral), the collateral consequences are knowingly
accepted and applied by the DNSBL user (hence it isn't collateral), who
in most cases has the absolute right to accept/non-accept anything for
any reason they choose - it can't be damage because the sender doesn't
have a right to trespass on the receiver's property if the receiver says no.
I believe that the basic notion is generally right.
Rather than argue any of that in the BCP, the main thrust on the part of
the BCP is making _sure_ the DNSBL operator makes the criteria clear.
If the operator doesn't make it clear, the true criteria are unknown to
the DNSBL user. Which is a recipe for bad outcomes, justified or otherwise.
Truth in advertising is the main thrust of the BCP. Both senders and
receivers get justifiably PO'd when they're not, and that happening is
bad not only for the DNSBL operators but the industry as a whole.
2. [Most] DNSBL listings larger than a single IP don't have "collateral"
effects.
Here's what I mean: suppose spam is received from 1.2.3.42. Suppose a
DNSBL operator queries the network owner and finds that 1.2.3.0/24 is owned
by Foo Networks, and decides to list all of it. This affects (obviously)
whoever is at 1.2.3.43. But is it a collateral effect? No.
Perhaps yes, perhaps no, but I contend it's entirely irrelevant. That's
the point, and why I think that discussing the rightness or wrongness of
the terminology is entirely moot. The real question is whether the DNSBL
operator says what the policy is and sticks to it. Truth in advertising
again.
If the SBL abruptly replaced their policy with Al's toy "any IP with a 7
in it" experiment without changing the documented criteria or adequate
(whatever that might be) prior notice, you'd be pissed too.
Let me be absolutely clear - I don't think that very many DNSBLs _ever_
violated "truth in advertising" to any appreciable extent (except for
one very old infamous case, and perhaps arguably when OSIRUS listed the
world without warning). Not even SPEWS did.
The benefit to things like SPEWS from the BCP in this area is simply to
point out to the DNSBL operator how important it is to make the
breadth-of-listing criteria as clear as possible. I think SPEWS could
have documented it better, but it was there.
Think goober factor. Some dimbulb starts using, say, Seth's "no
primes". It does bad things. The dimbulb is, well, dim, gets angry,
blames Seth. Ignorant journalists make it a cause-celebre. Media
splash. Seth gets inundated with other ignorant journalists asking him
"how long have you been an anti-american/anti-commerce terrorist?". EFF
gets on their podium, senior managers at ISPs/major corporates start the
inquisition of their email administrators about "eradicating DNSBL
agents of terror" blah blah blah.
Wouldn't it be better for Seth to have published on his web site "this
DNSBL is a joke. Don't use it. Only dimbulbs and idiots would even
dream of using it". Even (most) ignorant journalists will eventually
get it.
[Seth's prime number DNSBL has been a fixture of DNSBL discussions for
years. I don't know whether he actually publishes one, and how it's
documented....]
The bit I will write will be somewhat like SM's. Not oriented as a
statement on "collateral damage", but a statement about clarity of
criteria for listing breadth. And a much deprecated (perhaps "commonly
misrepresented as") reference to "collateral damage" so nobody can claim
we ignored the issue. Having the BCP pop up when someone enters "DNSBL
collateral damage" into Google is also useful ;-)
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg