Douglas Otis <dotis(_at_)mail-abuse(_dot_)org> wrote:
IP address space pressures has caused much of the sharing of IP
addresses for both MTAs and Web servers.
What's up with 29/8 & 30/8? There are 50M addresses unused.
One reason to deploy a name based reputation system, is to overcome
the problem of IP address aggregation affecting so many different
domains. The application of reputation makes domain/user isolation
critical for the domain owner.
In the absence of DNSSec, using DNS names for reputation is a bit
problematic. You're never completely sure that the domain is
currently being controlled by it's owner.
Once an MTA administrator buys the notion that SPF/Sender-ID takes care
of abuse, where reputation no longer affects them directly, they have
less incentive to do the real job of abating abuse before it is sent.
I'm not sure there's any technical solution to that problem.
Alan DeKok.