IETF Logo Mail Archive

Re: several messages

der Mouse <mouse@Rodents-Montreal.ORG> Wed, 12 November 2008 16:38 UTC

Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D5E6A28C178; Wed, 12 Nov 2008 08:38:16 -0800 (PST)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3DAEE3A6879; Tue, 11 Nov 2008 16:23:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -9.555
X-Spam-Level:
X-Spam-Status: No, score=-9.555 tagged_above=-999 required=5 tests=[AWL=0.433, BAYES_00=-2.599, HELO_MISMATCH_ORG=0.611, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hBMqEiMlVIAz; Tue, 11 Nov 2008 16:23:23 -0800 (PST)
Received: from Sparkle.Rodents-Montreal.ORG (Sparkle.Rodents-Montreal.ORG [216.46.5.7]) by core3.amsl.com (Postfix) with ESMTP id C79593A67A3; Tue, 11 Nov 2008 16:23:22 -0800 (PST)
Received: from localhost (localhost [[UNIX: localhost]]) by Sparkle.Rodents-Montreal.ORG (8.8.8/8.8.8) id TAA05922; Tue, 11 Nov 2008 19:23:12 -0500 (EST)
From: der Mouse <mouse@Rodents-Montreal.ORG>
Message-Id: <200811120023.TAA05922@Sparkle.Rodents-Montreal.ORG>
Mime-Version: 1.0
X-Erik-Conspiracy: There is no Conspiracy - and if there were I wouldn't be part of it anyway.
X-Message-Flag: Microsoft: the company who gave us the botnet zombies.
Date: Tue, 11 Nov 2008 18:49:20 -0500
To: ietf@ietf.org, gen-art@ietf.org
Subject: Re: several messages
In-Reply-To: <Pine.LNX.4.44.0811111552410.4831-100000@citation2.av8.net>
References: <Pine.LNX.4.44.0811111552410.4831-100000@citation2.av8.net>
X-Mailman-Approved-At: Wed, 12 Nov 2008 08:38:12 -0800
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org

>> The Spamhaus XBL and Spamhaus PBL are pretty useful in denying
>> connections from botnets. You should try them - in the arsenal of
>> spam-fighting tools, they are the probably most effective ones.
> I've heard this about Spamhaus' lists.  One wonders how it is
> possible they are so useful and effective.

It is a good question.  I don't know the answer - but I don't have to
understand _how_ they manage it to know _that_ they manage it.

> Sometimes Vixie denies involvement with SORBS, sometimes he is
> willing to talk "1x1" about SORBS business model.  How can one trust
> such activities by the top people?

By trusting the people, of course.

Your example is pretty totally bogus, though.  I have no involvement at
all with, say, Walmart, or L. L. Bean, but I can blather all evening
about their business models; does that mean I'm untrustworthy?

>> Wnat DNSBLs do is mitigate the damage so that we have at least
>> middling-usable email while solutions evolve at the social level.
> I agree.  But there are technical reasons that they can't possibly
> keep up, too.

They have been so far.  When reality disagrees with logical deductions,
the thing to do is look for the incorrect assumption or the flaw in the
logic, not to assert that reality is wrong.

>> Using such a list puts a substantial crimp in direct-to-MX spamming.
> That is an interesting euphemism for intentional collateral damage.

"Eupehmism" is not an appropriate word here, I think.  I was not
attempting to sugar-coat something unpleasant.  I was describing a
desirable effect (stopping direct-to-MX spam); that the same thing also
has an undesirable effect (stopping direct-to-MX ham) doesn't make
discussing the desirable effect euphemistic.

Direct-to-MX ham sending is, like open relays, one of the casualties of
the net's getting infested with abusers.  I don't like it, but so what?

>> There aren't many addresses, as a fraction of the Internet, that are
>> statically assigned and send spam.  But the fraction is definitely
>> nonzero, and they tend to send a lot.  DNSBLs work very well indeed
>> against those.
> I'm sure they do.  But those are typically CAN-SPAM compliant
> emailers, and one doesn't need to use a DNSBL for that.

Need to?  I don't know; where's the boundary between need and want?  I
certainly want to, in the sense that it is the lightest-load way I've
found to reject the resulting spam, CAN-SPAM compliant or not.  (Why
the emphasis on CAN-SPAM, by the way?  Surely you don't think only the
USA matters?)

> And even those that weren't burned, surely know better now than to
> trust DNSBLs.

I trust DNSBLs as a class about as much as I trust people as a class,
and I trust DNSBLs individually about as much as I trust people
individually.  That is to say, a few are utterly wonderful, a few are
utterly horrible, and there's a whole spectrum in between.

> Indeed, the numbers of mail bounced when these blacklists shut is a
> better indicator of how many people actually used them.  There was a
> howl on Nanog, but no global disaster.  That should tell you
> something.

Yes; it tells me that comparatively few people used DNSBLs which are
badly run enough to have shut down disruptively.  It tells me nothing
at all about how many people use DNSBLs which are not that badly run.

> What multi-million dollar ISP really wants to trust its email service
> to some guy on a DSL line running a DNSBL out of his basement?

Irrelevant.  The existence of amateurishly-run DNSBLs does not imply
the nonexistence of well-run ones.  It _does_ mean that someone to whom
email is important had better do due diligence in selecting DNSBLs -
just as someone to whom a car is important had better do due diligence
in selecting a mechanic, or someone to whom good clothes are important
had better do due diligence in selecting a tailor....

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse@rodents-montreal.org
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

v2.23.0 | Report a Bug | By Email