ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] draft-irtf-asrg-bcp-blacklists-07 [re-send]

2011-03-01 15:19:38
from [Neil Schwartzman] [Permanent Link] 

On Mar 1, 2011, at 4:05 PM, Steve Linford wrote:


On 1 Mar 2011, at 21:38, Seth wrote:


Consider: BigISP is a large user of DNSBL, and pays a lot of money to
DSNBL for that usage.  BigISP gets a high-paying spammer it doesn't
want to remove, and tells DNSBL "If you list us, we'll stop using you
and stop paying you."


In your scenario the DNSBL is entering into a pink contract with a 
spam-friendly ISP to facilitate spam to the DNSBL's other paying customers.

You could help bolster your scenario by using as example some criminal botnet 
gangs as the DNSBL customers, since they can pay much more to the DNSBL to 
let tons of botnet spam through. If a DNSBL is going to make a pink contract 
with an ISP to let spam through for money, why stop there?

(it's a rhetorical question, no need for an answer)




Let's use another example. Spamhaus has, IIRC listed Microsoft IPs. (lve.com 
spam hosting about 18 months ago?). Surely your largest customer beat you over 
the head to have them delisted, no? Paid you enough to delist them, and put the 
rest of your users in jeopardy? 

(it's a rhetorical question, no need for an answer)

If an DNSBL is respected well enough to be used by a large ISP (and very few 
are, and relatively few do, respectively), one assumes they respect the quality 
of the data well enough not to try to interfere, lest said DNSBL go public. 
Besides which, let's say Spamhaus took a bribe. How long until hotmail figures 
if they can take an indirect bribe, they can take one directly. Thus, the 
credibility goes out the window, and soon after, the contract with the DNSBL.

Anyway, this is my last post on this subject; the Chair has called the question 
and we should probably best serve the issue by reviewing the document, 
suggesting changes, and trying to achieve consensus.

--
Neil Schwartzman
Executive Director
CAUCE
The Coalition Against Unsolicited Commercial Email, North America Inc.

http://cauce.org
http://twitter.com/cauce
IM: caucecanada
Tel.: +1 (303) 800 6345




_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Asrg] draft-irtf-asrg-bcp-blacklists-07, Udeme Ukutt
Next by Date:  Re: [Asrg] draft-irtf-asrg-bcp-blacklists-07 [re-send], Seth
Previous by Thread:  Re: [Asrg] draft-irtf-asrg-bcp-blacklists-07 [re-send], Steve Linford
Next by Thread:  Re: [Asrg] draft-irtf-asrg-bcp-blacklists-07 [re-send], Seth
Indexes:  [Date] [Thread] [Top] [All Lists]