IETF Logo Mail Archive

Re: [Asrg] draft-irtf-asrg-bcp-blacklists-07 [re-send]

Neil Schwartzman <neil@cauce.org> Tue, 01 March 2011 21:18 UTC

Return-Path: <geemailenator@gmail.com>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 6C84B3A6A16 for <asrg@core3.amsl.com>; Tue, 1 Mar 2011 13:18:10 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.05
X-Spam-Level:
X-Spam-Status: No, score=-2.05 tagged_above=-999 required=5 tests=[AWL=-0.250, BAYES_00=-2.599, SARE_SUB_RAND_LETTRS4=0.799]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4zW9r62A7HBC for <asrg@core3.amsl.com>; Tue, 1 Mar 2011 13:18:09 -0800 (PST)
Received: from mail-vx0-f182.google.com (mail-vx0-f182.google.com [209.85.220.182]) by core3.amsl.com (Postfix) with ESMTP id 2A58A3A67D6 for <asrg@irtf.org>; Tue, 1 Mar 2011 13:18:09 -0800 (PST)
Received: by vxc34 with SMTP id 34so5322765vxc.13 for <asrg@irtf.org>; Tue, 01 Mar 2011 13:19:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:sender:content-type:mime-version:subject:from :in-reply-to:date:content-transfer-encoding:message-id:references:to :x-mailer; bh=WDClkaNoFNB2ZdcgO/eh5cpavRZrmqlQ1eOfkkDE/ds=; b=hZz6dMHYX0lsGZaKK0qgqKSlciQSws3r7sOAcRV00aQh65sIrxSrFE1AnXF0vQIEK5 yrFbzYkCg2azr5ZGacbgdw92m4t4YO4MHzbwb3F05N7niT4MNe/+eosvAOMsGpDGwBeY RMfTqrsisGnJbX05XmiejkUVe7JnCanTjEJy8=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:content-type:mime-version:subject:from:in-reply-to:date :content-transfer-encoding:message-id:references:to:x-mailer; b=ouLeFn0S9ETl5Zx2TIaVYqVhAwTcpv22BP6ivtOfacOK2XgE2tb4CCiMA9n1PFfAxP 8QBnxs5kiXHyA5OHLiIw9M594xQcZw/P5T02gLZDJID+K8U54EMtuDfOjb/wKfs4B4jO O7zgOVwlqZrqWXX3BXjX4c+pYH+VYFlHqXvV0=
Received: by 10.52.167.72 with SMTP id zm8mr11867051vdb.228.1299014102550; Tue, 01 Mar 2011 13:15:02 -0800 (PST)
Received: from [172.16.1.2] (modemcable156.249-57-74.mc.videotron.ca [74.57.249.156]) by mx.google.com with ESMTPS id i14sm2404034vcr.11.2011.03.01.13.15.00 (version=TLSv1/SSLv3 cipher=OTHER); Tue, 01 Mar 2011 13:15:01 -0800 (PST)
Sender: Neil Schwartzman <geemailenator@gmail.com>
Content-Type: text/plain; charset="us-ascii"
Mime-Version: 1.0 (Apple Message framework v1082)
From: Neil Schwartzman <neil@cauce.org>
In-Reply-To: <A.1PuWl4-000NJL-4x@smtp-ext-layer.spamhaus.org>
Date: Tue, 01 Mar 2011 16:14:59 -0500
Content-Transfer-Encoding: quoted-printable
Message-Id: <AEF93F0E-74A4-4A54-B31A-486B0A5607FD@cauce.org>
References: <4D6C265E.1060101@averillpark.net> <EE315DEA-7486-4673-9875-DEC91352BC55@cauce.org> <4D6D4284.50102@thoroquel.org> <AANLkTinxGLpeWmxGWR7hiLoZabYhhmfQdAh=JagCg2yk@mail.gmail.com> <AANLkTimzi+__J8dwVYPZ4td9ZLc_15r-kEgG2jOpg6cJ@mail.gmail.com> <20110301203843.E812124200@panix5.panix.com> <A.1PuWl4-000NJL-4x@smtp-ext-layer.spamhaus.org>
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
X-Mailer: Apple Mail (2.1082)
Subject: Re: [Asrg] draft-irtf-asrg-bcp-blacklists-07 [re-send]
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Mar 2011 21:18:10 -0000

On Mar 1, 2011, at 4:05 PM, Steve Linford wrote:

> On 1 Mar 2011, at 21:38, Seth wrote:
> 
>> Consider: BigISP is a large user of DNSBL, and pays a lot of money to
>> DSNBL for that usage.  BigISP gets a high-paying spammer it doesn't
>> want to remove, and tells DNSBL "If you list us, we'll stop using you
>> and stop paying you."
> 
> In your scenario the DNSBL is entering into a pink contract with a spam-friendly ISP to facilitate spam to the DNSBL's other paying customers.
> 
> You could help bolster your scenario by using as example some criminal botnet gangs as the DNSBL customers, since they can pay much more to the DNSBL to let tons of botnet spam through. If a DNSBL is going to make a pink contract with an ISP to let spam through for money, why stop there?
> 
> (it's a rhetorical question, no need for an answer)
> 


Let's use another example. Spamhaus has, IIRC listed Microsoft IPs. (lve.com spam hosting about 18 months ago?). Surely your largest customer beat you over the head to have them delisted, no? Paid you enough to delist them, and put the rest of your users in jeopardy? 

(it's a rhetorical question, no need for an answer)

If an DNSBL is respected well enough to be used by a large ISP (and very few are, and relatively few do, respectively), one assumes they respect the quality of the data well enough not to try to interfere, lest said DNSBL go public. Besides which, let's say Spamhaus took a bribe. How long until hotmail figures if they can take an indirect bribe, they can take one directly. Thus, the credibility goes out the window, and soon after, the contract with the DNSBL.

Anyway, this is my last post on this subject; the Chair has called the question and we should probably best serve the issue by reviewing the document, suggesting changes, and trying to achieve consensus.

--
Neil Schwartzman
Executive Director
CAUCE
The Coalition Against Unsolicited Commercial Email, North America Inc.

http://cauce.org
http://twitter.com/cauce
IM: caucecanada
Tel.: +1 (303) 800 6345

v2.23.0 | Report a Bug | By Email