IETF Logo Mail Archive

Re: [Asrg] draft-irtf-asrg-bcp-blacklists-07 [re-send]

Steve Linford <linford@spamhaus.org> Tue, 01 March 2011 21:04 UTC

Return-Path: <linford@spamhaus.org>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C20DB3A69F9 for <asrg@core3.amsl.com>; Tue, 1 Mar 2011 13:04:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -17.73
X-Spam-Level:
X-Spam-Status: No, score=-17.73 tagged_above=-999 required=5 tests=[AWL=0.670, BAYES_00=-2.599, HABEAS_ACCREDITED_SOI=-4.3, RCVD_IN_BSP_TRUSTED=-4.3, RCVD_IN_DNSWL_HI=-8, SARE_SUB_RAND_LETTRS4=0.799]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id UioK-7bj+gMg for <asrg@core3.amsl.com>; Tue, 1 Mar 2011 13:04:23 -0800 (PST)
Received: from smtp-ext-layer.spamhaus.org (ns8.spamhaus.org [82.94.216.239]) by core3.amsl.com (Postfix) with ESMTP id 9968D3A6AC9 for <asrg@irtf.org>; Tue, 1 Mar 2011 13:04:23 -0800 (PST)
References: <4D6C265E.1060101@averillpark.net> <EE315DEA-7486-4673-9875-DEC91352BC55@cauce.org> <4D6D4284.50102@thoroquel.org> <AANLkTinxGLpeWmxGWR7hiLoZabYhhmfQdAh=JagCg2yk@mail.gmail.com> <AANLkTimzi+__J8dwVYPZ4td9ZLc_15r-kEgG2jOpg6cJ@mail.gmail.com> <20110301203843.E812124200@panix5.panix.com>
In-Reply-To: <20110301203843.E812124200@panix5.panix.com>
Mime-Version: 1.0 (Apple Message framework v1082)
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
From: Steve Linford <linford@spamhaus.org>
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
X-Local-MTA-Info:
X-Mime-Info: text/plain
Message-ID: <A.1PuWl4-000NJL-4x@smtp-ext-layer.spamhaus.org>
Date: Tue, 01 Mar 2011 21:05:26 +0000
Subject: Re: [Asrg] draft-irtf-asrg-bcp-blacklists-07 [re-send]
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Mar 2011 21:04:24 -0000

On 1 Mar 2011, at 21:38, Seth wrote:

> Consider: BigISP is a large user of DNSBL, and pays a lot of money to
> DSNBL for that usage.  BigISP gets a high-paying spammer it doesn't
> want to remove, and tells DNSBL "If you list us, we'll stop using you
> and stop paying you."

In your scenario the DNSBL is entering into a pink contract with a spam-friendly ISP to facilitate spam to the DNSBL's other paying customers.

You could help bolster your scenario by using as example some criminal botnet gangs as the DNSBL customers, since they can pay much more to the DNSBL to let tons of botnet spam through. If a DNSBL is going to make a pink contract with an ISP to let spam through for money, why stop there?

(it's a rhetorical question, no need for an answer)

  Steve Linford
  The Spamhaus Project
  http://www.spamhaus.org

v2.23.0 | Report a Bug | By Email