nanog mailing list archives

Re: Repeated Blacklisting / IP reputation


From: Justin Shore <justin () justinshore com>
Date: Mon, 14 Sep 2009 13:58:57 -0500

Frank Bulk wrote:
With scarcity of IPv4 addresses, organizations are more desperate than ever
to receive an allocation.  If anything, there's more of a disincentive than
ever before for ARIN to spend time on netblock sanitization.

I do think that ARIN should inform the new netblock owner if it was
previously owned or not.  But if ARIN tried to start cleaning up a netblock
before releasing it, there would be no end to it.  How could they check
against the probably hundreds of thousands of private blocklists?

They could implement a process by which they announce to a mailing list of DNSBL providers that a given assignment has been returned to the RIR and that it should be cleansed from all DNSBLs. At this point the RIR has done their due diligence for notifying the blacklist community of the change and the onus is on the DNSBL maintainers to update their records. Of course this does nothing to cleanse the assignment in the hundreds of thousands of MTAs around the world. However this could be a good reason to not blacklist locally (or indefinitely at least) and to instead rely on a DNSBL maintained by people responsible for wiping returned assignments from their records when RIRs give the word. I suppose the mailing list could even be expanded to include mailing list admins if need be so that they could also receive the info and wipe their own internal DNSBLs.

The list should be an announcement-only list with only the RIRs being able to post to it in a common and defined format. The announcement should be made as soon as the assignment is returned to the RIR, allowing for the cool-off period of time for personal blacklists to catch up to the official ones.

I would think that would be a fairly simple process to implement. It's not fool-proof by any means but it's better than doing nothing. It's a thought.

Justin
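The proposal above leaves the "common and defined format" and the DNSBL-side cleanup unspecified. The following is an added illustration, not code from the post or from any RIR or DNSBL operator: it assumes a hypothetical one-line-per-prefix announcement format ("RETURNED <rir> <prefix> <date>") and a local blocklist kept as one CIDR per line (rbldnsd ip4set style). It handles the case a naive "delete matching line" script misses: a listing wider than the returned block is split so the returned space is carved out while the rest stays listed. The sample announcements and blocklist are constructed, and the cool-off handling is an assumption about how a local admin might apply the post's suggested grace period.

```python
import ipaddress
from datetime import date, timedelta

# Constructed sample feed in the assumed "RETURNED <rir> <prefix> <date>" format.
# Any other line is ignored, since the list is announcement-only by design.
SAMPLE_ANNOUNCEMENTS = """\
# returned-assignments feed (constructed sample, not a real RIR feed)
RETURNED arin 192.0.2.0/24 2009-09-14
RETURNED ripe 198.51.100.0/25 2009-09-01
this line is malformed and must be ignored
"""

# Constructed sample local blocklist, one CIDR per line (rbldnsd ip4set style).
SAMPLE_BLOCKLIST = """\
# local DNSBL data (constructed sample)
192.0.2.0/24        # exactly the returned block
192.0.2.77/32       # single host inside the returned block
192.0.0.0/16        # wider listing that merely contains the returned block
198.51.100.0/24     # contains the returned /25; must be split, not dropped
203.0.113.0/24      # unrelated, must survive
"""


def parse_announcements(text):
    """Return [(rir, network, announced_on)] for well-formed RETURNED lines."""
    out = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        parts = line.split()
        if len(parts) != 4 or parts[0] != "RETURNED":
            continue  # not in the defined format: skip rather than guess
        try:
            net = ipaddress.ip_network(parts[2], strict=True)
            when = date.fromisoformat(parts[3])
        except ValueError:
            continue  # bad prefix or date: skip
        out.append((parts[1], net, when))
    return out


def parse_blocklist(text):
    """Return the listed networks, ignoring comments and blank lines."""
    nets = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            nets.append(ipaddress.ip_network(line, strict=True))
    return nets


def clean_blocklist(entries, returned, as_of=None, cooloff_days=0):
    """
    Apply returned prefixes to the listed networks.

    Returns (remaining, removed, split):
      remaining - networks still listed after the cleanup
      removed   - networks dropped because they lie entirely inside a returned prefix
      split     - listings wider than a returned prefix, replaced by the pieces
                  that do not cover the returned space
    Announcements younger than cooloff_days relative to as_of are not applied
    (assumed local grace period; the RIR announces immediately).
    """
    as_of = as_of or date.today()
    active = [net for _, net, when in returned
              if as_of - when >= timedelta(days=cooloff_days)]
    remaining, removed, split = [], [], []
    for entry in entries:
        pieces = [entry]
        for r in active:
            next_pieces = []
            for p in pieces:
                if p.version != r.version:
                    next_pieces.append(p)          # v4 vs v6: cannot overlap
                elif p.subnet_of(r):
                    removed.append(p)              # wholly returned: drop it
                elif r.subnet_of(p):
                    split.append(p)                # wider listing: carve out r
                    next_pieces.extend(p.address_exclude(r))
                else:
                    next_pieces.append(p)          # disjoint: untouched
            pieces = next_pieces
        remaining.extend(pieces)
    return remaining, removed, split


def run_sample(as_of="2009-09-14", cooloff_days=0):
    """Run the cleanup on the constructed samples; results as sorted strings."""
    returned = parse_announcements(SAMPLE_ANNOUNCEMENTS)
    entries = parse_blocklist(SAMPLE_BLOCKLIST)
    remaining, removed, split = clean_blocklist(
        entries, returned, as_of=date.fromisoformat(as_of), cooloff_days=cooloff_days)
    return {
        "remaining": sorted(str(n) for n in remaining),
        "removed": sorted(str(n) for n in removed),
        "split": sorted(str(n) for n in split),
    }


if __name__ == "__main__":
    for key, nets in run_sample().items():
        print(key, nets)
```

Running it on the samples drops the two listings inside 192.0.2.0/24, rewrites the /16 as the eight CIDRs that do not include that /24, and shrinks 198.51.100.0/24 to 198.51.100.128/25 because only the lower /25 was announced as returned; with cooloff_days=1 the same-day ARIN announcement is held back and 192.0.2.0/24 stays listed until the grace period has passed.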
