Keith Moore wrote: > John Levine wrote: > >>> Unlike you, I don't see "overwhelming community consensus for >>> this mechanism". >> Aw, come on. There's a billion and a half mailboxes using the >> Spamhaus DNSBLs, on systems ranging from giant ISPs down to hobbyist >> Linux boxes. > > and there's a billion and a half users whose email is being degraded by > such mechanisms. > > if you ask them whether they want to not receive spam, they'll say yes. > if you ask them whether they want their incoming mail filtered on the > basis of unsubstantiated rumor and unreliable identifiers, they'll say no. Then you go to the next logical step, and turn Spamhaus off, and you ask them whether they want it back on. They'll say yes. They did here (the question was an accidental goof on my part that turned off Spamhaus queries, the answer (trouble tickets about spam filtering not working, despite all the other filtering mechanisms unaffected by the goof) was overwhelming) Secondly, the term "unsubstantiated rumor" - that implies that Spamhaus accepts unsubstantiated allegations from anyone. They don't. "Unsubstantiated rumor" - unsubstantiated by whom? Represented how? I'd contend that Spamhaus's listings are all substantiated by them, but no matter. PSBL, for example, substantiates every listing with a spam sample via their web site. CBL (Spamhaus XBL) entries are substantiated by SMTP transactions from the IP in question, usually with specific identification of the spambot that did it. They may not reveal precise details of their heuristics of how they detected it, nor a sample, but experience indicates that they are right virtually 100% of the time. I don't need 100% full transparency or 100% substantiation, if experience shows I can trust it. And I do. Those that represent 1 1/2 billion mail accounts trust it too. This is also that false dichotomy again: just because a DNSBL might issue "unsubstantiated rumor" doesn't mean that they ALL necessarily do. "Some A does B" != "All A does B". Indeed, I would contend that to most people, the appearance of Miriam Abacha (that will trigger some non-DNSBL-based filters) as being spam sign is unsubstantiated rumor. But that is the basis for other filtering methods. One might reply that the IETF should not standardize the insides of those methods. But who cares? They don't need consistent inter-machine protocols. DNSBLs do. _______________________________________________ Ietf@xxxxxxxx https://www.ietf.org/mailman/listinfo/ietf