Re: How I deal with (false positive) IP-address blacklists...
Theodore Tso <tytso@MIT.EDU> Wed, 10 December 2008 17:42 UTC
Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 994723A6BD8; Wed, 10 Dec 2008 09:42:35 -0800 (PST)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 492883A6BD9 for <ietf@core3.amsl.com>; Wed, 10 Dec 2008 09:42:34 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.599
X-Spam-Level:
X-Spam-Status: No, score=-6.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id g5ozrfwNnLsZ for <ietf@core3.amsl.com>; Wed, 10 Dec 2008 09:42:33 -0800 (PST)
Received: from biscayne-one-station.mit.edu (BISCAYNE-ONE-STATION.MIT.EDU [18.7.7.80]) by core3.amsl.com (Postfix) with ESMTP id 3F4D83A6BD4 for <ietf@ietf.org>; Wed, 10 Dec 2008 09:42:33 -0800 (PST)
Received: from outgoing.mit.edu (OUTGOING-AUTH.MIT.EDU [18.7.22.103]) by biscayne-one-station.mit.edu (8.13.6/8.9.2) with ESMTP id mBAHfBIq016852; Wed, 10 Dec 2008 12:42:15 -0500 (EST)
Received: from closure.thunk.org (streamline129.sjccnet.com [207.87.51.129]) (authenticated bits=0) (User authenticated as tytso@ATHENA.MIT.EDU) by outgoing.mit.edu (8.13.6/8.12.4) with ESMTP id mBAHajIo027702 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NOT); Wed, 10 Dec 2008 12:36:52 -0500 (EST)
Received: from tytso by closure.thunk.org with local (Exim 4.69) (envelope-from <tytso@mit.edu>) id 1LASN4-0004cx-U0; Wed, 10 Dec 2008 11:57:10 -0500
Date: Wed, 10 Dec 2008 11:57:10 -0500
From: Theodore Tso <tytso@MIT.EDU>
To: dcrocker@bbiw.net
Subject: Re: How I deal with (false positive) IP-address blacklists...
Message-ID: <20081210165710.GC26292@mit.edu>
References: <20081209061829.GA13153@mit.edu> <493EC59E.1050002@dcrocker.net>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <493EC59E.1050002@dcrocker.net>
User-Agent: Mutt/1.5.17+20080114 (2008-01-14)
X-Scanned-By: MIMEDefang 2.42
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org
On Tue, Dec 09, 2008 at 11:23:10AM -0800, Dave CROCKER wrote: > Evidently you believe that the anecdote you posted proves something, but > I am not sure what. > > Some others have suggested that it proves something which, I strongly > suspect, is not what you had in mind. > > Perhaps you can clarify the purpose of your note. How should it be > incorporated into the IETF's deliberations? The point I was trying to make is that there seems to be an inherent assumption by some people, perhaps because the people who make these assumptions run large mail servers, that the problem with someone who is wrongly blocked rests solely with the sender, and not with the utimate recipient, or with the mailer operator. It's essentially an attitude of you have no _right_ to send us e-mail, and if we make an (inevitable) mistake, and blacklist list you incorrectly, it is up to **you** (the sender) to go to us on bended knee and prove tht you are not an evil spammer, or an incompentent Windows desktop owner who has let their machine be taken over by a botnet. I'm sure they feel magnaminous when they offer some method of approaching them on bended knee, hoping that that they will give you permissionto send e-mail --- whether it is via a phone number or whether it is via placing an international phone call and paying $$$ to some Austrialian PTT to beg and plead to be removed from some IP blacklist --- and I am still not convinced it is the best indetifier when deciding whether or not blocking *all* mail from a particular IP address. You may be trying to place the burden on me, but consider that we are merely getting assertions from the other side of the aisle as well. My main point, though, is that in some cases, the ultimate recipient may have a much greater interest in receiving the e-mail than the sender, and so the model of requiring the sender to assume the burden of proof and go on bended knee to the mailserver administrator to let their e-mails through may not be a particularly good model to use as the basis for making recommendations for best practice. Regards, - Ted _______________________________________________ Ietf mailing list Ietf@ietf.org https://www.ietf.org/mailman/listinfo/ietf
- How I deal with (false positive) IP-address black… Theodore Tso
- Re: How I deal with (false positive) IP-address b… Mark Andrews
- Re: How I deal with (false positive) IP-address b… Theodore Tso
- Re: How I deal with (false positive) IP-address b… Mark Andrews
- Re: How I deal with (false positive) IP-address b… Theodore Tso
- Re: Why the IETF is irrelevant to the future of e… John Levine
- Re: How I deal with (false positive) IP-address b… SM
- Re: How I deal with (false positive) IP-address b… Paul Hoffman
- Re: Why the IETF is irrelevant to the future of e… Peter Dambier
- Re: How I deal with (false positive) IP-address b… ned+ietf
- Re: How I deal with (false positive) IP-address b… Dave CROCKER
- RE: How I deal with (false positive) IP-address b… michael.dillon
- RE: How I deal with (false positive) IP-address b… ned+ietf
- Re: How I deal with (false positive) IP-address b… Peter Dambier
- Re: How I deal with (false positive) IP-address b… Dave CROCKER
- RE: How I deal with (false positive) IP-address b… michael.dillon
- RE: How I deal with (false positive) IP-address b… michael.dillon
- Re: How I deal with (false positive) IP-address b… Keith Moore
- Re: How I deal with (false positive) IP-address b… Dave CROCKER
- RE: How I deal with (false positive) IP-address b… Tony Hain
- Re: How I deal with (false positive) IP-address b… Dave CROCKER
- Re: How I deal with (false positive) IP-address b… ned+ietf
- Re: How I deal with (false positive) IP-address b… Keith Moore
- Re: How I deal with (false positive) IP-address b… Peter Dambier
- RE: How I deal with (false positive) IP-address b… michael.dillon
- RE: How I deal with (false positive) IP-address b… ned+ietf
- Re: How I deal with (false positive) IP-address b… Rich Kulawiec
- Re: How I deal with (false positive) IP-address b… Theodore Tso
- Re: How I deal with (false positive) IP-address b… Dave CROCKER
- Re: How I deal with (false positive) IP-address b… Paul Hoffman
- Re: How I deal with (false positive) IP-address b… Randy Presuhn
- Re: How I deal with (false positive) IP-address b… Keith Moore
- Re: How I deal with (false positive) IP-address b… Douglas Otis
- Re: How I deal with (false positive) IP-address b… John C Klensin
- Accountable Use Registry was: How I deal with (fa… Douglas Otis
- Re: Accountable Use Registry was: How I deal with… John C Klensin