[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] New draft draft-irtf-asrg-bcp-blacklists-01.txt

To: Anti-Spam Research Group - IRTF <asrg at ietf.org>
Subject: Re: [Asrg] New draft draft-irtf-asrg-bcp-blacklists-01.txt
From: Douglas Otis <dotis at mail-abuse.org>
Date: Sat, 29 Mar 2008 16:40:47 -1000
Delivered-to: ietfarch-asrg-web-archive at core3.amsl.com
Delivered-to: asrg at core3.amsl.com
In-reply-to: <E1Jebia-00011v-00 at chiark.greenend.org.uk>
List-archive: <http://www.ietf.org/pipermail/asrg>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
References: <20080325160757.22934.qmail at simone.iecc.com> <47E92CBD.50500 at nortel.com> <47E92CBD.50500 at nortel.com> <E1Jebia-00011v-00 at chiark.greenend.org.uk>
Reply-to: Anti-Spam Research Group - IRTF <asrg at ietf.org>
Sender: asrg-bounces at ietf.org

On Mar 26, 2008, at 9:55 AM, Tony Finch wrote:

> Douglas Otis <dotis at mail-abuse.org> wrote:
>>
>> Some BL policies do not adhere to the dubious philosophy expressed in
>> section 2.2.1  and  2.2.3.
>>
>> 2.2.1.  Listings SHOULD Be Temporary
>>
>> 2.2.3.  Removals SHOULD Be Prompt
>>
>> Automatic de-listing can be highly counter productive in controlling
>> IP address ranges previously producing substantial levels of abuse.
>
> IME as a customer of MAPS, a high proportion of the RBL+'s false  
> positives that have caused us problems have been caused by MAPS's  
> policy of not expiring or at least periodically revalidating  
> listings in the RSS. I particularly remember a problem with an  
> address range that had been re-allocated to an entirely innocent  
> third party who were suffering because of data that was several  
> years out of date. It's worse that MAPS wouldn't accept bug reports  
> from us. We no longer use that part of the RBL+.
>
> Based on that experience, I think the BCP is right.

Tony,

RSS listings offer automatic retesting and removals without involving  
network operators, only a request needs to be made via the supporting  
website.  There should be no reason for a listing not to be removed?   
If you were misinformed, this is most unfortunate.

See:
http://www.mail-abuse.com/removereq_rss.html

Both open proxy and open relay listings are _not_ routinely retested  
without request.  Open relays and proxies stay active for years, and  
often appear used for purposes unaffected by black-hole lists.

-Doug

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] New draft draft-irtf-asrg-bcp-blacklists-01.txt
  - From: Matt Sergeant

References:
- Re: [Asrg] New draft draft-irtf-asrg-bcp-blacklists-01.txt
  - From: John Levine
- Re: [Asrg] New draft draft-irtf-asrg-bcp-blacklists-01.txt
  - From: Chris Lewis
- Re: [Asrg] New draft draft-irtf-asrg-bcp-blacklists-01.txt
  - From: Tony Finch

Prev by Date: Re: [Asrg] New draft draft-irtf-asrg-bcp-blacklists-01.txt
Next by Date: Re: [Asrg] New draft draft-irtf-asrg-bcp-blacklists-01.txt
Previous by thread: Re: [Asrg] New draft draft-irtf-asrg-bcp-blacklists-01.txt
Next by thread: Re: [Asrg] New draft draft-irtf-asrg-bcp-blacklists-01.txt
Index(es):
- Date
- Thread