Re: [dispatch] Proposal for scantxt; scanning opt-in/out, identification, verification, notification, and reporting
John Levine <johnl@taugh.com> Sun, 04 December 2022 05:13 UTC
Return-Path: <johnl@iecc.com>
X-Original-To: dispatch@ietfa.amsl.com
Delivered-To: dispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CD962C14CE35 for <dispatch@ietfa.amsl.com>; Sat, 3 Dec 2022 21:13:28 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.148
X-Spam-Level:
X-Spam-Status: No, score=-4.148 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HEADER_FROM_DIFFERENT_DOMAINS=0.25, RCVD_IN_DNSWL_MED=-2.3, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_PASS=-0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iecc.com header.b=ZCMKMnBU; dkim=pass (2048-bit key) header.d=taugh.com header.b=Ml5H2p/1
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hKMnXDdQ5Sfi for <dispatch@ietfa.amsl.com>; Sat, 3 Dec 2022 21:13:24 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [IPv6:2001:470:1f07:1126:0:43:6f73:7461]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 05F18C1524B8 for <dispatch@ietf.org>; Sat, 3 Dec 2022 21:13:23 -0800 (PST)
Received: (qmail 94486 invoked from network); 4 Dec 2022 05:13:21 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=17113.638c2c71.k2212; bh=AQ6Hp0DBfsZ++mmRFmkiEASHiAy2qcxpW3+xBOVK1Vg=; b=ZCMKMnBUC8B+BBwH55zI18P2psgKT2SxET5ufwRE7alH7Z67bemwPtKjy2f/ycJV9rV0NHAvtrRnrSsFg7ia6KOcrRTln0bGPek/G7vio7+f8Uu1VIknHdAwBK60np+8doKYIO53vj/NbqESN8igzToqJhNbfF6xmzZU8Xtr9P7Ea3bxQdRW1PGUdnAgNxyHqmR7zKuREq0q19R/8A0HkSHUK4SaYJ7cyqt7iv5yXgYTkyjHM4NCSLkEgaI4GsEyfNE7RLI5UsWvWh+Pt2wSvM52I9yaAl2S6kUi8uKE1vcfthEqg/3HZ2h6BA3AO1ZI2mIsPU+dlCKT/d7OBR/e3A==
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:cc:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:cleverness; s=17113.638c2c71.k2212; bh=AQ6Hp0DBfsZ++mmRFmkiEASHiAy2qcxpW3+xBOVK1Vg=; b=Ml5H2p/1Xqd1/a9nVsroRdLNiK20i95UbUkC0HdQSvOdgt2FRAfIrlt3E/zl5VrMrAoh9Fzqwk76phB/2Deft+botqZS/q0ee65WlVF2jzYm9eUhAed5fbK+10sJTa9m0kQTPBx10T2rf+dbkjTq7eVvnR4EmBlMCv8ut7o0nhBufIH84sr9rX+IGQPVRj10DtVakkP4ksr5LnvjsehIRww9Vcza2JFzpe8QSMby2HV2OmlasQbDK3Tg+aEh8OefYFDf9+QtQBeMLSICLkNhbPl5fR4f+i6d3opOegZsvFyyEVQAoc8j/yIYUF4so11UM7e126oorfLA5/lSCC0fBw==
Received: from ary.qy ([IPv6:2001:470:1f07:1126::78:696d:6170]) by imap.iecc.com ([IPv6:2001:470:1f07:1126::78:696d:6170]) with ESMTPS (TLS1.3 ECDHE-RSA AES-256-GCM AEAD) via TCP6; 04 Dec 2022 05:13:21 -0000
Received: by ary.qy (Postfix, from userid 501) id 0FF0650855F1; Sun, 4 Dec 2022 00:13:19 -0500 (EST)
Date: Sun, 04 Dec 2022 00:13:19 -0500
Message-Id: <20221204051320.0FF0650855F1@ary.qy>
From: John Levine <johnl@taugh.com>
To: dispatch@ietf.org
In-Reply-To: <4f7a0b7e-b51b-ac06-c099-68143cba057b@cs.tcd.ie>
Organization: Taughannock Networks
X-Headerized: yes
Cleverness: minimal
Mime-Version: 1.0
Content-type: text/plain; charset="utf-8"
Content-transfer-encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/dispatch/GIehmBWho8QBItlKqVoP8FzX9bw>
Subject: Re: [dispatch] Proposal for scantxt; scanning opt-in/out, identification, verification, notification, and reporting
X-BeenThere: dispatch@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: DISPATCH Working Group Mail List <dispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dispatch>, <mailto:dispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dispatch/>
List-Post: <mailto:dispatch@ietf.org>
List-Help: <mailto:dispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dispatch>, <mailto:dispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 04 Dec 2022 05:13:28 -0000
It appears that Stephen Farrell <stephen.farrell@cs.tcd.ie> said: >mostly try do something like this, so there could well be >value in a standard location that can be found from a source >IP address at which some pointers/hints can be found. The de-facto convention is that you put a web server with an explanation at each IP doing the scanning. I can see why the people doing the scanning would want all this stuff, but I can't see why the victims of the probes would have any reason to go to any effort to make their lives easier. Most scanning is in practice malicious, even if the people doing the probing make excuses that it isn't. I am reminded of efforts about two decades ago in which spammers wanted to build elaborate schemes so we could tell them exactly which kinds of spam we did and didn't want. If you have to ask, the answer is no. R's, John
- [dispatch] Proposal for scantxt; scanning opt-in/… Ollie IETF
- Re: [dispatch] Proposal for scantxt; scanning opt… John Levine
- Re: [dispatch] Proposal for scantxt; scanning opt… Stephen Farrell
- Re: [dispatch] Proposal for scantxt; scanning opt… John Levine
- Re: [dispatch] Proposal for scantxt; scanning opt… Ollie IETF
- Re: [dispatch] Proposal for scantxt; scanning opt… John R Levine
- Re: [dispatch] Proposal for scantxt; scanning opt… westhawk
- Re: [dispatch] Proposal for scantxt worley
- Re: [dispatch] Proposal for scantxt; scanning opt… Ollie IETF
- Re: [dispatch] Proposal for scantxt; scanning opt… Ollie IETF
- Re: [dispatch] Proposal for scantxt Ollie IETF
- Re: [dispatch] Proposal for scantxt; scanning opt… John R Levine
- Re: [dispatch] Proposal for scantxt; scanning opt… John R Levine
- Re: [dispatch] Proposal for scantxt worley