Re: Last Call: draft-irtf-asrg-dnsbl (DNS Blacklists and Whitelists)

der Mouse <mouse@Rodents-Montreal.ORG> Mon, 10 November 2008 18:00 UTC

[Keith Moore]
>> The fact that [DNSBLs] are widely used is sad, not a justification
>> for standardization.

True.  The justification is not simply that they are widely used; it is
that they are widely used, they are often done wrong, they are of
tremendous value when done right, and of actively negative value when
done wrong.

[John C Klensin]
> Sadly, I have to agree with Keith.   While these lists are a fact of
> life today, and I would favor an informational document or document
> that simply describes how they work and the issues they raise,
> standardizing them and formally recommending their use is not
> desirable at least without some major changes in our email model and
> standards for what gets addresses onto --and, more important, off
> of-- those lists.

And this, I mostly disagree with.

Just because something is something we'd rather not have around does
not mean standardizing it is a bad idea.  SSH is an example; I would
much rather the net were still the open, friendly place it was back in
the ARPAnet and NSFnet days, where SSH was unnecessary.  But that's no
longer today's net, and SSH or something like it is necessary; I think
standardizing it is a Good Thing (indeed, a necessary thing in the case
of SSH).

Similarly, I too find DNSBLs' necessity regrettable.  But I do find
them necessary, and I think we're better off standardizing those
aspects that are currently agreed-upon enough to standardize.

I do not think that standards for how addresses get onto and off of
DNSBLs are even desirable.  As long as the list is technically well-run
and adheres to what it tells its users its (de)listing policies are,
exactly what those policies are is entirely up to the list; a wide
variety of policies is good because there is an equally wide variety of
receiving sites' desires - and because the price to the net of a DNSL
nobody uses is so close to zero as no matter, so there's no harm in
having a wide variety available to pick from.

And that "technically well-run" is the part that I think not only can
be standardized but should be standardized.

Not that my opinion counts for all _that_ much, since I'm not the one
doing the work.  But it's not total randomness; email operations and
administration has been part of my paid job for some 18 of the last 25
years, and I was on the CAUCE Canada board before we merged with CAUCE
USA.  (I think I'm actually still technically on the CAUCE North America
board, but I've been trying to get out of abuse-fighting for a year or
two now).

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse@rodents-montreal.org
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B