Re: Last Call: draft-irtf-asrg-dnsbl (DNS Blacklists and Whitelists)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



[Keith Moore]
>> The fact that [DNSBLs] are widely used is sad, not a justification
>> for standardization.

True.  The justification is not simply that they are widely used; it is
that they are widely used, they are often done wrong, they are of
tremendous value when done right, and of actively negative value when
done wrong.

[John C Klensin]
> Sadly, I have to agree with Keith.   While these lists are a fact of
> life today, and I would favor an informational document or document
> that simply describes how they work and the issues they raise,
> standardizing them and formally recommending their use is not
> desirable at least without some major changes in our email model and
> standards for what gets addresses onto --and, more important, off
> of-- those lists.

And this, I mostly disagree with.

Just because something is something we'd rather not have around does
not mean standardizing it is a bad idea.  SSH is an example; I would
much rather the net were still the open, friendly place it was back in
the ARPAnet and NSFnet days, where SSH was unnecessary.  But that's no
longer today's net, and SSH or something like it is necessary; I think
standardizing it is a Good Thing (indeed, a necessary thing in the case
of SSH).

Similarly, I too find DNSBLs' necessity regrettable.  But I do find
them necessary, and I think we're better off standardizing those
aspects that are currently agreed-upon enough to standardize.

I do not think that standards for how addresses get onto and off of
DNSBLs is even desirable.  As long as the list is technically well-run
and adheres to what it tells its users its (de)listing policies are,
exactly what those policies are is entirely up to the list; a wide
variety of policies is good because there is an equally wide variety of
receiving sites' desires - and because the price to the net of a DNSL
nobody uses is so close to zero as no matter, so there's no harm in
having a wide variety available to pick from.

And that "technically well-run" is the part that I think not only can
be standardized but should be standardized.

Not that my opinion counts for all _that_ much, since I'm not the one
doing the work.  But it's not total randomness; email operations and
administration has been part of my paid job for some 18 of the last 25
years, and I was on the CAUCE Canada board before we merged with CAUCE
USA.  (I think I'm actually still technically on CAUCE North America
board, but I've been trying to get out of abuse-fighting for a year or
two now).

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse@xxxxxxxxxxxxxxxxxxxx
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
_______________________________________________

Ietf@xxxxxxxx
https://www.ietf.org/mailman/listinfo/ietf

[Index of Archives]     [IETF Annoucements]     [IETF]     [IP Storage]     [Yosemite News]     [Linux SCTP]     [Linux Newbies]     [Fedora Users]