Re: [Asrg] DNSBL and IPv6

Dave Warren <lists@hireahit.com> Sat, 20 October 2012 00:25 UTC

Message-ID: <5081EF6F.9030808@hireahit.com>
Date: Fri, 19 Oct 2012 17:25:19 -0700
From: Dave Warren <lists@hireahit.com>
To: asrg@irtf.org
References: <20121019224131.28382.qmail@joyce.lan>
In-Reply-To: <20121019224131.28382.qmail@joyce.lan>

On 10/19/2012 15:41, John Levine wrote:
>>> What I feel needs to happen is that policy needs to be put in place so RIRs
>>> (via ISPs) can present "what is a customer" on a network level, and then
>>> this information can be put into DNS somehow, and used for DNSBL.
> Yeah, I've been talking to people on and off about this for over a
> year.  Even though providers can lie about their allocation
> granularity, most won't, and the ones that lie would probably merit
> total blocking anyway.

I'm less worried about those that lie outright than those that just 
don't care either by not bothering to specify a policy at all (unless it 
becomes mandatory somehow), or have more granularity than can be clearly 
specified in a single policy.

For example, their policy might be to allocate at the /64 level, but 
unless they also prohibit customers from obtaining more than one /64...

-- 
Dave Warren
http://www.hireahit.com/
http://ca.linkedin.com/in/davejwarren