Re: [Asrg] draft-irtf-asrg-bcp-blacklists-01 March 24, 2008

["Frank Ellermann" <nobody at xyzzy.claranet.de>]

Seth wrote:

>> The theory is that customers impacted by such a listing will apply
>> pressure on the provider to take action against the customer which
>> is the source of the abusive email.
 
> Whose theory is that?

It's implied.  If IPv4 aaa.bbb.ccc.ddd is the source of net abuse,
and a DNSBL recording it lists more than only this IPv4, then it
has a theory why listing aaa.bbb.ccc.* is better than say listing
*.bbb.ccc.ddd.  And that theory might be wrong if it is based on
obsolete concepts of classes or assumptions about /24 ranges.

>> Such a DNSBL policy is highly controversial, and discussion of
>> its appropriateness is beyond the scope of this document.
 
> So why bring it up in the first place?

Maybe an explanation why simply progressing from listing the IPv4,
then the /31, and so on, is an oversimplification and at some
point doomed, is better.  With a note that "some point" can be
smaller or bigger than /24 depending on the IPv4.

> "This DNSBL lists all IP addresses if the number of spam-emitting
> IPs in their /24 exceeds 10."  To anybody who can read, that 
> discloses whether it may include an IP address that didn't emit
> spam.

That misses the point, when the assumption that all IPs in a /24 
are administratively related, is dubious.  Readers of a listing
policy could arrive at arbitrary conclusions based on the wrong
assumption.  

 Frank

_______________________________________________
Asrg mailing list
Asrg at ietf.org
https://www.ietf.org/mailman/listinfo/asrg