Matthias Leisi wrote:
Chris Lewis schrieb:
There's also a consideration of scaling. Having a few dozen
organizations continually rescanning their, say, /16s could get rather
old quick.
An old wish: Have some protocol to enable queries like "return all
listings for IP addresses in a.b.c.d/N" (for some reasonably max value
of N, possibly 24?).
We'd only have to issue more than 65536 of those to check our space ;-)
Yes, something like that would be nice and I don't think too many DNSBL
operators would object (at least in theory). Some DNSBLs offer by-email
notification. Others might want to, but don't for whatever reason.
However:
1) The BCP is a wrong place to describe a protocol for that.
2) Most DNSBL operators would probably prefer that there was some sort
of authorization layered on top.
For reasons of scaling and overhead, I think it'd probably be better
that these are third party offerings.
There have been efforts to implement third party services to do that.
Habeus had/has(?) one. I believe Karmasphere can do it.
Most of these services only query small numbers of IPs, and the costs
would be prohibitive if you had a largish range. But with the
appropriate arrangements, it should be possible to do much better.
Yes, that's easily done if you have a local copy of the data, but that
is not always feasible (or has considerable cost).
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
https://www.irtf.org/mailman/listinfo/asrg