nanog mailing list archives
Re: Repeated Blacklisting / IP reputation
From: Justin Shore <justin () justinshore com>
Date: Mon, 14 Sep 2009 13:58:57 -0500
Frank Bulk wrote:
With scarcity of IPv4 addresses, organizations are more desperate than ever to receive an allocation. If anything, there's more of a disincentive than ever before for ARIN to spend time on netblock sanitization. I do think that ARIN should inform the new netblock owner if it was previously owned or not. But if ARIN tried to start cleaning up a netblock before releasing it, there would be no end to it. How could they check against the probably hundreds of thousands of private blocklists?
They could implement a process by which they announce to a mailing list of DNSBL providers that a given assignment has been returned to the RIR and that it should be cleansed from all DNSBLs. At this point the RIR has done their due diligence for notifying the blacklist community of the change and the onus is on the DNSBL maintainers to update their records. Of course, this does nothing to cleanse the assignment in the hundreds of thousands of MTAs around the world. However, this could be a good reason to not blacklist locally (or indefinitely at least) and to instead rely on a DNSBL maintained by people responsible for wiping returned assignments from their records when RIRs give the word. I suppose the mailing list could even be expanded to include mailing list admins if need be so that they could also receive the info and wipe their own internal DNSBLs.
The list should be an announcement-only list with only the RIRs being able to post to it in a common and defined format. The announcement should be made as soon as the assignment is returned to the RIR, allowing for the cool off period of time for personal blacklists to catch up to the official ones.
I would think that would be a fairly simple process to implement. It's not fool-proof by any means but it's better than doing nothing. It's a thought.
Justin