
Re: [Asrg] please review draft-irtf-asrg-bcp-blacklists-07

2011-01-19 16:31:31
On 1/19/11 1:00 PM, Chris Lewis wrote:
he says he has. Were he honest, instead of "your bacon was horrible,
pay me money or I'll shut you down" he would be threatening "your
bacon was horrible, pay me money or I'll list you on my list of places
where I didn't like the bacon."
The thing is, the random self-selected guy doesn't have all the power

In the DNSBL world, a popular blacklist listing can cause more than 50% of their email to get blocked in such a way that most recipients don't know that it's happening. They've abruptly disappeared email-wise, for a huge chunk of the Internet. This is far more than midway between an end-user advisory that an end-user can choose to ignore or accept, and a health-department mandated door shutting.
Chris,

Networks containing millions of individual sources of abuse are often most effectively handled by policies enforced by their network providers. Policies promoted by this draft overlook network providers' role. Only network providers are able to block abuse and determine whether abuse has been mitigated by their customer. Third parties monitoring network traffic see only a tiny fraction of any overall abuse. Listing stratagems that aid list-washing techniques further reduce the effectiveness of important third-party monitoring.

It seems this draft has a goal to make third-party monitoring ineffective, and to avoid the corrective actions that may need to be taken by network providers. It is not a mistake to list networks replete with abuse. When a network provider is unwilling to stop commerce of abuse (tainted bacon), listing their network gets their attention. Their angry customers are free to seek services from other responsive providers. The original abuse listings were distributed as BGP filters. It seems future listings of IP addresses will likely need to return to this model in order to scale to the larger IP address space.

Of course, positive reputations by domain name work well with DNS, and would be independent of the network provider. It seems this draft misses an opportunity to better lay out how services can be supported in the future. We continually need to counter the erosion caused by "automated" abuse listings and mailing-list washing. IPv6 will make obscuring spam traps and selectively reacting to individual IP addresses impossible. :^(

-Doug

_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg