On Sun, 2005-12-04 at 16:29 -0500, Sam Hartman wrote: > >>>>> "Daniel" == Daniel Feenberg <feenberg@xxxxxxxx> writes: > > Daniel> Is there a proper place to discuss > > Daniel> http://www.ietf.org/internet-drafts/draft-church-dnsbl-harmful-o1.txt > Daniel> ? > > You can talk to the author of that draft and try and convince him that > the draft should become more balanced. That may work. Traditional black-hole lists represent a small percentage of sources for abusive email. The IP addresses reported as belonging to accounts that should not be sending email represents a substantial portion of sources sending spam and viruses. Much of these addresses are obtained by way of cooperation with various providers, and may not represent a dynamic address. In the past, these lists may have been described as Dial-Up Lists (DUL). These accounts may have static IP addresses, but operate under contracts prohibiting operation of an MTA. There may be disagreements regarding an address included on these lists. When the customer of an ISP complains, they are often required to have the request forwarded on their behalf by their provider, when in conflict with information offered by the provider. Often, resolution of such listings requires a different class of account be obtained from the provider, such as business versus residential. The listing service will trust information offered by the provider and not override this information based solely upon complaints by their customers, regardless of the nature of the IP address being either static or dynamic. There are newer strategies being used beyond the traditional black-hole Today, many of t listing, in addition to the DUL. Unlike filtering, these lists often provide the sender an error message that indicates the list causing refusal of their message. Without substantial reductions in overhead afforded by black-hole lists, more exacting efforts aimed at thwarting other types of email attacks would not be possible. Perhaps once EHLO or signature authentication based upon the customer becomes more widely available, name based listings would avoid some collateral blocking that occurs when the MTA is being shared. Authorization mechanisms will result in unfair name blocking by holding the email-address domain owner accountable, even though they are likely unable to monitor or respond to any abuse. What better scheme is there? -Doug _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf