On Apr 15, 2016, at 2:56 PM, John Leslie <john(_at_)jlc(_dot_)net> wrote:
If we have from the community negative reports about bad-behaviours
from any of those DNS-BLs for example.
Again, how much are you contributing to the costs of what you ask?
I’m reminded of a recent discussion on another list about how to turn off
IPv6 but just for google because the users were infected with malware and
got CAPTCHAs. The abuse in v4 is quiet, but when the hosts moved to dual-stack
and IPv6 capable it became obvious.
The provider blamed google and wanted to know how to disable IPv6 for google
only.
DNSBL/RBL are a part of life on the internet in the past 20 years. You don’t
deal with abuse at your own peril, as once you’re the noisiest abuser and added
you generally have a *lot* of work to clean up.
Having worked at places that got corporate mail servers added to DNSBL as a
business response to not terminating people for AUP violations before, this is
hard to explain and deal with.
I likely didn’t see the messages on the old list due to it matching a known
message pattern that is blocked. I know everyone wants @ietf lists to be
sufficiently promiscuous to have a low barrier to participating, but
we must perform some basic security operations to block them.
Regarding locking the lists? I’m all for that after IETF closes
out the venue contract/payments. It should be a mechanical operation
that coincides. This way if there is a venue problem or something specific
those at the meeting can discuss, otherwise the general public doesn’t get
spammed with details.
- Jared