I'm not sure about this: "DNSBL providers SHOULD NOT be held
accountable in any way for the consequences of use of a DNSBL
applied in an un-intended way."
I believe that the example the authors had in mind is the Spamhaus
PBL, which lists IPs that shouldn't be emitting mail directly to the
net, but which can legitmately send mail by logging into a SUBMIT
server and relaying through there. A common config error on MTAs that
are both MX and SUBMIT is to check the PBL before senders have a
chance to log in, with the effect that roaming users can't send mail.
The next step is then usenet or blog posts ranting about evil Spamhaus
blocked their mail, they're not spammers, blacklists are out of
control, etc. etc., until whoever runs the MTA notices and fixes the
configuration error.
A more subtle example is my korea.services.net, which lists all of the
networks in South Korea with the exception of a few small ones that I
have observed not to be significant spam sources. It's explicitly
intended for people like me who don't know anyone in Korea and don't
expect mail from Korea. Since it lists all the large ISPs, if you do
get mail from Korea, you'll lose a lot of it. Again, I've gotten
rants from people about how I'm blocking their very important mail,
it's wildly unreasonable, etc. (My response: "If a network were
sending you a thousand spams for every real message, what would you
do? Well, that's what I did.")
So in any event, the real intent is to say that you can't prevent
idiots from doing idiotic things. If you can come up with a better
way to say that in standards speak, I'm sure the authors will be happy
to adopt it.
R's,
John
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg