nanog mailing list archives
Re: Repeated Blacklisting / IP reputation
From: Jay Hennigan <jay () west net>
Date: Wed, 09 Sep 2009 16:13:18 -0700
JC Dill wrote:
Joe Greco wrote:
Answer queries to whether or not IP space X is currently blocked (potentially at one of hundreds or thousands of points in their system, which corporate security may not wish to share, or even give "some random intern" access to)? Process reports of new ARIN delegations? What are you thinking they're going to do? And why should they care enough to do it?Because if they don't, they are needlessly blocking re-allocated IP addresses, potentially blocking their own users from receiving wanted email. Organizations could (and should) setup a role account and auto-responder for this purpose.
Perhaps they should, but until there is sufficient pain from their own users complaining about it there is no financial motivation to do so, and therefore many will not. I would guess that there are thousands of individual blocklists to this day blocking some of Sanford Wallace's and AGIS's old netblocks.
As for a role account, there is "postmaster". I would think that the best hope in the real world, rather than an autoresponder would be an RFC that clearly defines text accompanying an SMTP rejection notice triggered by a blocklist, detailing the blocklist and contact for removal. Perhaps encouraging those who code MTAs and DNSBL hooks into them to include such in the configuration files would be a good start.
This still puts the onus on the sender or inheritor of the tainted netblock, but makes the search less painful and perhaps even somewhat able to be scripted.
Note that this thread deals mostly with SMTP issues regarding DNSBLs, as those are the most common trouble point. We should also consider other forms of blocking/filtering of networks reclaimed from former virus/malware/DoS sources.
-- Jay Hennigan - CCIE #7880 - Network Engineering - jay () impulse net Impulse Internet Service - http://www.impulse.net/ Your local telephone and internet company - 805 884-6323 - WB6RDV
Current thread:
- Re: Repeated Blacklisting / IP reputation, (continued)
- Re: Repeated Blacklisting / IP reputation Chris Hills (Sep 09)
- Re: Repeated Blacklisting / IP reputation James Cloos (Sep 12)
- Re: Repeated Blacklisting / IP reputation Joe Greco (Sep 12)
- Re: Repeated Blacklisting / IP reputation James Cloos (Sep 12)
- Re: Repeated Blacklisting / IP reputation Joe Greco (Sep 12)
- RE: Repeated Blacklisting / IP reputation Keith Medcalf (Sep 12)
- Message not available
- Message not available
- Re: Repeated Blacklisting / IP reputation JC Dill (Sep 08)
- Re: Repeated Blacklisting / IP reputation Joe Greco (Sep 08)
- Re: Repeated Blacklisting / IP reputation Alex Balashov (Sep 08)
- Re: Repeated Blacklisting / IP reputation JC Dill (Sep 09)
- Re: Repeated Blacklisting / IP reputation Jay Hennigan (Sep 09)
- RE: Repeated Blacklisting / IP reputation Frank Bulk (Sep 12)
- Re: Repeated Blacklisting / IP reputation joel jaeggli (Sep 12)
- Re: Repeated Blacklisting / IP reputation, replaced by registered use Douglas Otis (Sep 14)
- RE: Repeated Blacklisting / IP reputation, replaced by registered use Lee Howard (Sep 14)
- Re: Repeated Blacklisting / IP reputation, replaced by registered use David Conrad (Sep 14)
- RE: Repeated Blacklisting / IP reputation, replaced by registered use Azinger, Marla (Sep 14)
- Re: Repeated Blacklisting / IP reputation Justin Shore (Sep 14)
- Re: Repeated Blacklisting / IP reputation Martin Hannigan (Sep 14)
- Re: Repeated Blacklisting / IP reputation Martin Hannigan (Sep 15)
- Re: Repeated Blacklisting / IP reputation Justin Shore (Sep 15)