IETF Logo Mail Archive

Re: How I deal with (false positive) IP-address blacklists...

Dave CROCKER <dhc2@dcrocker.net> Tue, 09 December 2008 19:23 UTC

Return-Path: <ietf-bounces@ietf.org>
X-Original-To: ietf-archive@megatron.ietf.org
Delivered-To: ietfarch-ietf-archive@core3.amsl.com
Received: from [127.0.0.1] (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 9C0FA3A6B48; Tue, 9 Dec 2008 11:23:26 -0800 (PST)
X-Original-To: ietf@core3.amsl.com
Delivered-To: ietf@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 730673A6B48 for <ietf@core3.amsl.com>; Tue, 9 Dec 2008 11:23:25 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 59xJskF9QumW for <ietf@core3.amsl.com>; Tue, 9 Dec 2008 11:23:24 -0800 (PST)
Received: from sbh17.songbird.com (mail.mipassoc.org [IPv6:2001:470:1:76:0:ffff:4834:7146]) by core3.amsl.com (Postfix) with ESMTP id 91C723A6810 for <ietf@ietf.org>; Tue, 9 Dec 2008 11:23:23 -0800 (PST)
Received: from [192.168.0.6] (adsl-67-124-149-191.dsl.pltn13.pacbell.net [67.124.149.191]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id mB9JNB2Q026281 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 9 Dec 2008 11:23:12 -0800
Message-ID: <493EC59E.1050002@dcrocker.net>
Date: Tue, 09 Dec 2008 11:23:10 -0800
From: Dave CROCKER <dhc2@dcrocker.net>
Organization: Brandenburg InternetWorking
User-Agent: Thunderbird 2.0.0.18 (Windows/20081105)
MIME-Version: 1.0
To: Theodore Tso <tytso@MIT.EDU>
Subject: Re: How I deal with (false positive) IP-address blacklists...
References: <20081209061829.GA13153@mit.edu>
In-Reply-To: <20081209061829.GA13153@mit.edu>
X-Virus-Scanned: ClamAV 0.92/8737/Tue Dec 9 08:59:48 2008 on sbh17.songbird.com
X-Virus-Status: Clean
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.17]); Tue, 09 Dec 2008 11:23:16 -0800 (PST)
Cc: ietf@ietf.org
X-BeenThere: ietf@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: dcrocker@bbiw.net
List-Id: IETF-Discussion <ietf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:ietf@ietf.org>
List-Help: <mailto:ietf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf>, <mailto:ietf-request@ietf.org?subject=subscribe>
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset="us-ascii"; Format="flowed"
Sender: ietf-bounces@ietf.org
Errors-To: ietf-bounces@ietf.org


Theodore Tso wrote:
> This doesn't work for most people, but I had fun composing this
> response, and coming just a few weeks after people claiming that
> IP-based blacklists work well, and rarely result in false positives, I
> felt I just had to share.   :-)


Ted,

Evidently you believe that the anecdote you posted proves something, but I am 
not sure what.

Some others have suggested that it proves something which, I strongly suspect, 
is not what you had in mind.

Perhaps you can clarify the purpose of your note.  How should it be incorporated 
into the IETF's deliberations?

If you believe that it demonstrates that blacklists do not work well and/or do 
not rarely result in false positives, perhaps you can document the basis for 
that assessment.

I feel confident that you do not intend a single anecdote, about minor email 
service participants, to serve as the basis for such a global conclusion about a 
mechanism that is implemented and relied on by virtually every 
professionally-run email receiving service on the planet.

Thanks.

d/

-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net
_______________________________________________
Ietf mailing list
Ietf@ietf.org
https://www.ietf.org/mailman/listinfo/ietf

v2.23.0 | Report a Bug | By Email