ietf
[Top] [All Lists]

Comments on Draft IRTF ASRG DNSBL - 07

2008-11-11 15:50:53


Having spent 13 years managing abuse (Spam/Phishing/Botnets) within a large ISP 
organization, 5 to 6 years in a leadership position of the Messaging Anti-Abuse 
Working Group and active member of the Canadian National Cyber-Forensics 
Training Alliance, I can say that DNSxL's are a critical part of most ISP's 
security infrastructure.  Here are my specific thoughts on 
"http://tools.ietf.org/html/draft-irtf-asrg-dnsbl-07";

1. A large percentage of ISP's, ESP's, Enterprise and Internet Commerce 
companies have managed to build significant infrastructure that make extensive 
use of DNSxBL's for E-Mail related Phishing, Scam, Spam and Malicious 
Transaction Prevention. These practices have been in place for several years 
without a standard.  As new DNSxL's, applications for DNSxL's and IPv6 DNSxL's 
emerge, however, I believe standardization will become increasingly valuable in 
helping manage the technology change within ISP's, Enterprise, NGO, 
Not-for-profit Organizations and vendors.

2. The impact of DNSxL's when applied on Inbound Email Servers is significant 
with very little collateral damage. A good estimate is that over 70% of all 
spam email is prevented by the application of DNSxBL's, sparing many service 
providers millions in hardware that would otherwise be spent processing and 
storing these messages.  In all cases, without this type of implementation, 
customers' inboxes would be rendered completely useless.

3. When discussing DNSxL's with various carriers, it is clear that careful 
due-diligence has been applied to ensure that the risk of false positives is 
minimized. In several cases, the DNSxL is merely used as part of an overall 
reputation database that helps determine the delivery decision.

4. With the evolution of Internet Threats, ISP's and Enterprise's have deployed 
DNSxBL's to improve Data Security/Protection, Trust, Reliability and Confidence 
of Employee's and Customers. They have deployed DNSxL's that protect against 
phishing, spam, child exploitation and other malicious intended transactions.  
To this end, several not-for-profit and for-profit 
organizations/agencies/vendors/governments have been making extensive use of 
DNSxL's to protect country, city, community and citizens. This document will 
help foster standardization for those organizations.

In summary, Nominum has made commercial investments to enable ISP's to make use 
of highly scalable DNSxL's within their infrastructure. As an industry 
stakeholder in the standardization of DNSxL's we welcome and support this 
document.


Thanks for your time,

Jonathan

Jonathan Curtis
Nominum, Inc.

2003 - 2008  Founder and Vice/Chairman of The Messaging Anti-Abuse Working Group

_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf