Re: How I deal with (false positive) IP-address blacklists...

Theodore Tso <tytso@MIT.EDU> Tue, 09 December 2008 07:58 UTC

Date: Tue, 09 Dec 2008 02:58:27 -0500
From: Theodore Tso <tytso@MIT.EDU>
To: Mark Andrews <Mark_Andrews@isc.org>
Subject: Re: How I deal with (false positive) IP-address blacklists...
Cc: ietf@ietf.org

On Tue, Dec 09, 2008 at 06:24:11PM +1100, Mark Andrews wrote:
> 
> > Well, it blocked a legitimate e-mail message, so by definition the
> > rejection was false positive.  I've also checked a number of DNSBL's,
> > and no one else seems to have black-listed my IP address, except these
> > jokers.
>
> 	Define "legitimate".  One that conforms to the RFC's?  One
> 	that you send?  One not containing advertising material?
> 	One that does not contain unsolicited advertising material?
> 	One about the content of the soil on the moon?  One that
> 	doesn't discuss the content of the soil on the moon?

Well, the intended recipient is a Linux Kernel Developer.  He posted
a message on the Linux Kernel Mailing List, about Linux Kernel
Development.  I responded, on-topic, with a message that had no
advertising material, solicited, or unsolicited.  I think that meets
the definition of "legitimate e-mail", don't you think?  It seems
pretty clear the recipient probably wanted to receive it, and in this
case, an IP address-based blacklist is causing him not to receive the
e-mail.  It has been made unreliable for him.

I also happen to be the founder and program committee chair of the
Linux Kernel Summit, which brings together the top 75 kernel
developers to the summit, and for which the competition to receive an
invitation based on merit is highly competitive.  Heck, some companies
pay $25,000 USD and up in order to receive a sponsored invite to the
Kernel Summit.  Occasionally, I will send an invite to a fellow kernel
developer, and it will get bounced due to some bogus false positive
spam filter (very often, it tends to be an IP-based filter).  If I'm
feeling nice, I'll try to route around the brain-damage.  If I'm
feeling really annoyed, I'll just drop the bounce on the floor, and
assume the developer in question didn't really want the invite, or was
too stupid to find a reliable ISP/mail handler, so they don't deserve
the invite.

This happens to be a relatively unique position where I have far more
power than the recipient, and in many cases they are much more
interested in receiving e-mails from me than I am in bothering to figure
out why some bogus IP-based address filter bounced my mail.
Basically, if they would badly want to receive it, and some bogus
technology has made e-mail unreliable, I'd consider that a false
positive rejection of a legitimate e-mail message --- and in general,
it's their problem, not mine.  Any attempt I might make to work around
the breakage is due to my charity, not any obligation on my part.

						- Ted