IETF Logo Mail Archive

Re: uncooperative DNSBLs, IETF misinformation (was: several messages)

Steve Linford <linford@spamhaus.org> Fri, 14 November 2008 09:54 UTC

Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 34B8A3A6A40; Fri, 14 Nov 2008 01:54:53 -0800 (PST)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 39C0B3A6A40 for <ietf@core3.amsl.com>; Fri, 14 Nov 2008 01:54:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -10.799
X-Spam-Level:
X-Spam-Status: No, score=-10.799 tagged_above=-999 required=5 tests=[AWL=0.100, BAYES_00=-2.599, RCVD_IN_BSP_TRUSTED=-4.3, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hDIiJsCzJrbI for <ietf@core3.amsl.com>; Fri, 14 Nov 2008 01:54:51 -0800 (PST)
Received: from smtp-ext-layer.spamhaus.org (ns8.spamhaus.org [82.94.216.239]) by core3.amsl.com (Postfix) with ESMTP id 0203B3A6823 for <ietf@ietf.org>; Fri, 14 Nov 2008 01:54:50 -0800 (PST)
Mime-Version: 1.0 (Apple Message framework v753.1)
In-Reply-To: <C0F2465B4F386241A58321C884AC7ECC09597929@E03MVZ2-UKDY.domain1.systemhost.net>
References: <C0F2465B4F386241A58321C884AC7ECC09597929@E03MVZ2-UKDY.domain1.systemhost.net>
From: Steve Linford <linford@spamhaus.org>
Subject: Re: uncooperative DNSBLs, IETF misinformation (was: several messages)
To: ietf@ietf.org
X-Local-MTA-Info:
X-Mime-Info: text/plain
Message-ID: <A.1L0vO5-0003SJ-Eg@smtp-ext-layer.spamhaus.org>
Date: Fri, 14 Nov 2008 09:54:49 +0000
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"; DelSp="yes"
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org

On 14 Nov 2008, at 09:19, <michael.dillon@bt.com>  
<michael.dillon@bt.com> wrote:

>> - DNSBLs are a temporary fad, they'll never last.
>>    (we've been serving DNSBLs for 10 years)
>
> Longevity is no guarantee of future survival.

A good argument against publishing a standard for any technology at all.

>> - DNSBLs are bad for email.
>>    (we alone flag some 80 billion spam emails *per day*, spam which
>>    would otherwise clog servers and render email completely useless)
>
> Interesting point. If you did not run those DNSBLs then the flood of
> spam would have rendered email completely useless which would have
> reduced the sell-rate from one in 12.5 million, to zero. At which
> point there is no financial incentive for spam. Or, more likely, spam
> would have been maintained at a much lower level to maximize their
> profit.

The "we don't need filters, the spammers will regulate themselves"  
theory also holds for eliminating the police: crooks will regulate  
themselves when too much crookness renders crooking not so profitable.

This theory can be tested and you guys at BT could be the pioneers:  
turn off BT's spam filters and we'll watch. Obviously let your  
customers know first or your phones will light up (something like  
this will do: "Dear BT customer, we're turning your spam filters off  
as an experiment to see if, over time, spammers will spam you a bit  
less when they realize your mailbox has imploded under the weight of  
spam").


>> - DNSBLs have huge False Positives.
>>    (at 80 billion spams stopped per day, if we had even a miniscule
>>    FP level there would be a worldwide outcry and everyone would stop
>>    using us. Do the maths. Our FP level is many times lower than any
>>    other spam filter method by a very, very long way)
>
> Hmmm. No data provided, so no maths is possible.

I thought perhaps you might be with BT's mail engineering team. BT  
uses our DNSBLs, you therefore have precise data on both how much  
spam you stop with them and FPs for your customers. (If you're not  
with BT's mail engineering team I apologize)

>> - DNSBLs break email deliverability.
>>    (DNSBL technology in fact ensures that the email sender is  
>> notified
>>    if an email is rejected, unlike Bayesian filters/content filters
>>    which place spam in the user's trash without notifying the  
>> senders)
>
> This still breaks deliverability.

Deliverability breaks when someone accepts a package, says "250 OK,  
got it" to the courier, and then silently trashes it without  
informing the Sender that the Recipient did not in fact get it.

How many times have you sent an email and your recipient says days  
later "I didn't get it" and you say "well you must have since it  
didn't bounce back" and both of you waste time. Almost guaranteed in  
such cases your recipient was using post-SMTP-phase spam filters,  
content filters or "I guess this looks like spam" filters and the  
receiving server *did* accept your mail, *did* give your server a  
"250 OK, got it" which concluded the transaction and then quietly put  
your message in the Junk.

DNSBL technology maintains the fundemental rule of email  
deliverability: If an email can not be delivered *inform the Sender*.

   Steve Linford
   The Spamhaus Project
   http://www.spamhaus.org




_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

v2.23.0 | Report a Bug | By Email