Re: Last Call: draft-irtf-asrg-dnsbl (DNS Blacklists and Whitelists)

"Chris Lewis" <clewis@nortel.com> Sat, 08 November 2008 21:42 UTC

Message-ID: <491607B5.2020704@nortel.com>
Date: Sat, 08 Nov 2008 16:42:13 -0500
From: Chris Lewis <clewis@nortel.com>
Organization: Nortel
User-Agent: Thunderbird 2.0.0.17 (Windows/20080914)
MIME-Version: 1.0
To: Keith Moore <moore@network-heretics.com>
Subject: Re: Last Call: draft-irtf-asrg-dnsbl (DNS Blacklists and Whitelists)
References: <20081108184543.26372.qmail@simone.iecc.com> <4915ED75.9000509@network-heretics.com>
In-Reply-To: <4915ED75.9000509@network-heretics.com>

Keith Moore wrote:
> John Levine wrote:
> 
>>> Unlike you, I don't see "overwhelming community consensus for
>>> this mechanism".
>> Aw, come on.  There's a billion and a half mailboxes using the
>> Spamhaus DNSBLs, on systems ranging from giant ISPs down to hobbyist
>> Linux boxes.
> 
> and there's a billion and a half users whose email is being degraded by
> such mechanisms.
> 
> if you ask them whether they want to not receive spam, they'll say yes.
>  if you ask them whether they want their incoming mail filtered on the
> basis of unsubstantiated rumor and unreliable identifiers, they'll say no.

Then you go to the next logical step, and turn Spamhaus off, and you ask
them whether they want it back on.  They'll say yes.  They did here (the
question was an accidental goof on my part that turned off Spamhaus
queries, the answer (trouble tickets about spam filtering not working,
despite all the other filtering mechanisms unaffected by the goof) was
overwhelming).

Secondly, the term "unsubstantiated rumor" - that implies that Spamhaus
accepts unsubstantiated allegations from anyone.  They don't.

"Unsubstantiated rumor" - unsubstantiated by whom?  Represented how? I'd
contend that Spamhaus's listings are all substantiated by them, but no
matter.  PSBL, for example, substantiates every listing with a spam
sample via their web site.  CBL (Spamhaus XBL) entries are substantiated
by SMTP transactions from the IP in question, usually with specific
identification of the spambot that did it.  They may not reveal precise
details of their heuristics of how they detected it, nor a sample, but
experience indicates that they are right virtually 100% of the time.

I don't need 100% full transparency or 100% substantiation, if
experience shows I can trust it.

And I do.  Those that represent 1 1/2 billion mail accounts trust it too.

This is also that false dichotomy again: just because a DNSBL might
issue "unsubstantiated rumor" doesn't mean that they ALL necessarily do.

"Some A does B" != "All A does B".

Indeed, I would contend that to most people, the appearance of Miriam
Abacha (that will trigger some non-DNSBL-based filters) as being a spam
sign is unsubstantiated rumor.  But that is the basis for other
filtering methods.  One might reply that the IETF should not standardize
the insides of those methods.  But who cares?  They don't need
consistent inter-machine protocols.  DNSBLs do.