ietf

Re: uncooperative DNSBLs, IETF misinformation (was: several messages)

2008-11-13 16:31:43
On 13 Nov 2008, at 19:39, Andrew Sullivan wrote:

> On Thu, Nov 13, 2008 at 07:25:32PM +0100, Matthias Leisi wrote:
>> Can you please explain what this "fairly serious damage to the DNS
>> protocol" is?
>
> The message I posted from Olafur and me the other day is supposed to
> explain this already:
>
> http://www.ietf.org/mail-archive/web/ietf/current/msg53776.html
>
> For the impatient, one fundamental problem is that the current
> behaviour uses A records that do not contain host addresses, which is
> contrary to the definition of an A record.

Is this not a truly desperate grasping at straws?

So far I have heard here:

- DNSBLs are not much used so they should not be recognized.
  (we alone have 1.4 billion end-users and our DNSBLs are used by
  2/3 of internet networks, including all giant freemail providers)

- DNSBLs are a temporary fad, they'll never last.
  (we've been serving DNSBLs for 10 years)

- DNSBLs are bad for email.
  (we alone flag some 80 billion spam emails *per day*, spam which
  would otherwise clog servers and render email completely useless)

- DNSBLs stop very little spam.
  (our DNSBLs catch 80-90% of spam out-front, and 99% if used as we
  recommend in: http://www.spamhaus.org/effective_filtering.html )

- DNSBLs have huge False Positives.
  (at 80 billion spams stopped per day, if we had even a minuscule
  FP level there would be a worldwide outcry and everyone would stop
  using us. Do the maths. Our FP level is many times lower than any
  other spam filter method by a very, very long way)

- DNSBLs break email deliverability.
  (DNSBL technology in fact ensures that the email sender is notified
  if an email is rejected, unlike Bayesian filters/content filters
  which place spam in the user's trash without notifying the senders)

- DNSBLs "sit in the middle of an end-to-end email transaction"
  (see: http://www.spamhaus.org/dnsbl_function.html for enlightenment)

- IETF should not recognize DNSBLs because it may upset IETF sponsors.
  (the IETF sponsors and founders list reads as a "who's who" of DNSBL
  users, we ourselves have contracts with at least 60% of the IETF
  sponsor corporations for the use of our DNSBLs. Upset them my foot.)

- Someone from BT said "DNSBLs should not be standardised"
  (BT has a contract with Spamhaus to use our DNSBLs on its network,
  we're not sure why BT would prefer the DNSBLs it uses to not be
  standardised but we'll ask them at contract renewal time ;)

- DNSBLs are all bad because someone had a bad experience with SORBS.
  (well, we're not SORBS. Nor are Trend Micro, Ironport, or the other
  responsible DNSBL operators)

and

- DNSBLs cause "fairly serious damage to the DNS protocol" because they
  use A records that do not contain host addresses.
  (127.0.0.0 is reserved for IANA Special Use. It is non-net-routable.
  DNSBLs using 127.0.0.2 cause absolutely no 'damage' whatsoever)

Please could the arguments against standardisation use some better and correct facts, as most of the arguments being presented against standardisation started off poor and are deteriorating into farcical.

  Steve Linford
  Chief Executive
  The Spamhaus Project
  http://www.spamhaus.org


_______________________________________________
Ietf mailing list
Ietf(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/ietf
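
The A-record convention debated in this thread, seen from the consuming mail filter's side, as an added example that is not part of the original message or any DNSBL operator's code. The zone `dnsbl.example`, the function names and the sample answers are constructed; ignoring answers outside 127.0.0.0/8 is this example's own policy, and the IPv6 nibble form goes beyond what the thread discusses.

```python
import ipaddress

# DNSBL answers are result codes carried in A records, conventionally
# inside 127.0.0.0/8 (the thread mentions 127.0.0.2).
CODE_NET = ipaddress.ip_network("127.0.0.0/8")


def dnsbl_query_name(client_ip: str, zone: str) -> str:
    """Build the name a filter looks up: reversed address labels + zone."""
    ip = ipaddress.ip_address(client_ip)
    # reverse_pointer gives '99.2.0.192.in-addr.arpa' (or nibbles + ip6.arpa)
    suffix = ".in-addr.arpa" if ip.version == 4 else ".ip6.arpa"
    labels = ip.reverse_pointer[: -len(suffix)]
    return f"{labels}.{zone.strip('.')}"


def interpret_answers(a_records):
    """Classify the A records returned for a DNSBL query.

    Returns (listed, codes, ignored). An empty answer (NXDOMAIN) means
    not listed. Anything outside 127.0.0.0/8 is not a DNSBL code, for
    example a routable address served by a wildcarded or re-registered
    zone, and is never treated as a listing (policy of this example).
    """
    codes, ignored = [], []
    for rec in a_records:
        try:
            addr = ipaddress.IPv4Address(rec)
        except ValueError:
            ignored.append(rec)
            continue
        (codes if addr in CODE_NET else ignored).append(str(addr))
    return bool(codes), codes, ignored


if __name__ == "__main__":
    # Constructed sample: documentation address and a made-up zone.
    print(dnsbl_query_name("192.0.2.99", "dnsbl.example"))
    print(interpret_answers(["127.0.0.2"]))      # code answer: listed
    print(interpret_answers(["203.0.113.7"]))    # routable answer: ignored
    print(interpret_answers([]))                 # NXDOMAIN: not listed
```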
