[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Fwd: [Asrg] Re: Documents for LMAP BOF]

To: Philip Miller <millenix at zemos.net>
Subject: Re: [Fwd: [Asrg] Re: Documents for LMAP BOF]
From: Yakov Shafranovich <research at solidmatrix.com>
Date: Wed, 18 Feb 2004 14:07:08 -0500
Cc: Daniel Feenberg <feenberg at nber.org>, Alan DeKok <aland at ox.org>, asrg at ietf.org
In-reply-to: <4032EEE0.6000607@zemos.net>
List-archive: <https://www1.ietf.org/mail-archive/working-groups/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
Organization: SolidMatrix Technologies, Inc.
References: <Pine.GSO.4.10.10402171040560.15188-100000@nber1.nber.org> <4032EEE0.6000607@zemos.net>
Sender: asrg-admin at ietf.org
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.6) Gecko/20040113

Philip Miller wrote:

Daniel Feenberg wrote:
On Tue, 17 Feb 2004, Alan DeKok wrote:
A week ago, Yakov Shafranovich <research@solidmatrix.com> wrote:
What I find problematic is that there is an existing identity in email - IP addresses. If blacklists are made to be more feature rich, possibly becoming reputation services, that might help. So I am not sure why going to domain identity or sender identity makes a difference.
 IP addresses are short-lived, and machines at an IP are being
hijacked to send spam.  You can't have a blacklist if one IP sends 10
spam in 5 minutes, and then disappears for a week.
But what is the harm in leaving the IP address in the database? If
tomorrow it isn't a spammer, it is still a dynamic IP address, and I don't
want mail from that address, do I? And tomorrow its new address goes on
the list.
The harm in leaving it in the database depends on the stated policies of the database operator. If the users of that list know that known dynamic addresses are being left on after they have been used and discarded, and still want to use it, that's fine. If users are told or assume that the database lists known currently-spamming addresses, then leaving dynamic addresses lying around would be bad.

The same would apply for expired domains as well - if a domain blacklist is maintained and the domain is seized or expired, and then someone else registers it, the new owner will be stuck with the listing. Although this is less likely with domains than IP addresses.

The bottom line is that the main problem with any kind of blacklist - IP, domain, sender, etc. is the humans maintaining it. "Those who ignore history are doomed to repeat it" - if we ignore the problems with current IP blacklists then we will repeat the same problems with other kind of blacklists like domain lists.

Yakov

-------
Yakov Shafranovich / asrg <at> shaftek.org
SolidMatrix Technologies, Inc. / research <at> solidmatrix.com
"Power tends to corrupt, and absolute power corrupts absolutely" (Lord Acton)
-------

_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

References:
- Re: [Fwd: [Asrg] Re: Documents for LMAP BOF]
  - From: Daniel Feenberg
- Re: [Fwd: [Asrg] Re: Documents for LMAP BOF]
  - From: Philip Miller

Prev by Date: [Asrg] 0. General - Mailing list summary...
Next by Date: [Asrg] Patrik Falstrom's mailflow chart
Previous by thread: Re: [Fwd: [Asrg] Re: Documents for LMAP BOF]
Next by thread: [Asrg] Re: smtp-verify vs. the SPF propaganda
Index(es):
- Date
- Thread