ietf
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Last Call: draft-irtf-asrg-dnsbl (DNS Blacklists and Whitelists)

2008-11-09 13:34:46
from [Keith Moore] [Permanent Link] 
Matthias Leisi wrote:

[Disclosure: I am the leader of the dnswl.org project; I provided some
input into the DNSxL draft as far as it concerns whitelists.]

Keith Moore schrieb:


These incidents happen one at a time.  It's rarely worth suing over a
single dropped message, and yet the aggregate amount of harm done by IP
based reputation services is tremendous.


I would not want to reduce the situation to blacklists only. You use the
correct term - IP based reputation services - but fail to mention that
this includes whitelists, and that decisions other than "drop" can be
made based upon data returned by such services.


I suspect DNSWLs have problems also, but I haven't tried to analyze the
problems with DNSWLs to the extent I have the problems with DNSBLs.


Regarding the "dropped message": While outside the scope of the DNSxL
draft, it is pretty much consensus that messages should not be dropped
in the sense of deleted or "stored in a seldomly reviewed quarantine
folder", but that a clear SMTP 5xx error code should be returned.


I don't think it should be outside the scope of a standard.


I believe it is generally agreed that false positives are the main risk
with spam filter solutions. This applies both to individual tools like
DNSxLs and to the "filtering machine" as a whole as perceived by the
recipient (and the sender). No automated solution can guarantee the
absence of false positives.

On the other hand, the manual solution is far worse in terms of false
positives, in my experience - the human error rate is pretty high when
eg a spammy inbox must be reviewed manually.


Agreed.  But it is not uniform for all recipients - it depends highly on
how much legitimate mail they receive, how much spam they receive, and
the similarity between the two.  And there's a important difference in
liability between a recipient filtering his own mail and an unrelated
third party filtering it for him.


And the relative number of complaints is not
a reliable indicator of those costs.


It's probably the best indicator available?


perhaps, but that doesn't make it a compelling argument.

Keith
_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  IP-based reputation services vs. DNSBL (long), Keith Moore
Next by Date:  Punycode at ASCII for IDN & MDN via Y2K Project Management, linuxa linux
Previous by Thread:  Re: Last Call: draft-irtf-asrg-dnsbl (DNS Blacklists and Whitelists), Matthias Leisi
Next by Thread:  RE: Last Call: draft-irtf-asrg-dnsbl (DNS Blacklists and Whitelists), Livingood, Jason
Indexes:  [Date] [Thread] [Top] [All Lists]