On Wed, Nov 19, 2008 at 10:41:30AM +1200, Franck Martin wrote:
Did not fully read but not sure if there is something that access to DNSBL
should not be restricted. I'd like to query often the DNSBL to see if my IPs
are not appearing in it. It is easier that way that to scan postmaster
emails.
By the time reports have found their way back to (at your "abuse" address,
I'd hope, not "postmaster") and by the time you've been listed on a DNSBL,
it's too late. The damage has already been done. A much better approach
is to be proactive, to actively block or at least detect common forms
of abuse before they escape your network.
So instead of putting engineering time into wiring DNSBL checks into
Nagios (referenced in the part of your message I elided) it would be
better to apply that same time to understanding your network, thinking
about how it could be abused, and putting in place measures designed
to forestall that.
---Rsk
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg