Is there a proper place to discuss http://www.ietf.org/internet-drafts/draft-church-dnsbl-harmful-o1.txt ? There has been some discussion of the draft in the ASRG list, but no one their seems to be aware of the most appropriate venue for such discussion, nor does a visit to the IETF website. While the author does a good job of listing the negative aspects of domain name based blacklists, he omits the advantages. A balanced discussion would accept that for several reasons DNSBLs are the best available spam suppression technique. The first advantage of DNBLs I want to mention is a private benefit for the mail transfer operator, his users, and their corespondents. The typical mailserver using DNSBLs for spam suppression REJECTS suspected bad mail, while a typical content based scanner DISCARDS suspected spam, or leaves it in a spam folder. In the case of a false positive This is a significant advantage to the DNSBL, because the actual sender will get a notice of refusal from the DNSBL based system, but no notice at all of the discard from the content based system. A user or MTA operator might place much greater weight on lost mail than rejected mail, as lost mail may be the source of ill feeling, while rejected mail is merely an inconvenience. The second advantage I want to mention is the public benefit to all email users when MTA operators administer their sites to discourage the output of spam. In the present legal environment, the existence of DNSBLs is the primary motivation for such efforts. Without DNSBLs, many large ISPs and hosting companies would lose interest completely in suppressing spam spewage from their MTAs and IP addresses. With the resulting increase is spam messages, content analysis would become increasing difficult. Without consideration of the advantages of the DNSBL, the author has come to a foregone conclusion. An IETF document deprecating a superior solution is unfortunate. I am aware that some content based scanners are able to reject mail, and that some MTAs using DNSBLs discard mail, but both situations are unusual, and the former is technically difficult. In any case, placing suspected spam in a spam folder seems like more of a way to avoid legal liability than to improve the user experience. I am aware that some MTA operators are frustrated by their inability to get off certain DNSBLs, and I do not have a cost free solution. I have referred such operators in the past to my page at http://www.nber.org/sys-admin/smarthost.html which suggests that they obtain mail relay service from an operator of an unlisted MTA and provides some sources. I have done some original research on the effectiveness of DNSBLs which is posted at http://www.nber.org/sys-admin/dnsbl-comparison.html however, the quantitative results are less important here than the qualitative difference between rejected and lost mail, and the possibility that ISPs would no longer see any advantage to policing spam originating in there systems. Thank you for this opportunity to comment. Daniel Feenberg National Bureau of Economic Research 1050 Mass Ave Cambridge MA 02138 617-588-0343 feenberg at nber dotte org _______________________________________________ Ietf@xxxxxxxx https://www1.ietf.org/mailman/listinfo/ietf
