[122790] in North American Network Operators' Group
Re: Spamhaus...
daemon@ATHENA.MIT.EDU (Matthias Leisi)
Sun Feb 21 13:16:07 2010
Date: Sun, 21 Feb 2010 19:15:36 +0100
From: Matthias Leisi <matthias@leisi.net>
To: nanog@nanog.org
In-Reply-To: <4B80FC1C.4090904@sorbs.net>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Am 21.02.10 10:25, schrieb Michelle Sullivan:
> As a matter of interest, who are the other current DNSBL's to do it?
dnswl.org currently does not do it, but bandwidth suckers are a pain.
The work is considerable: log aggregation, log review, trying to find a
responsible for the IPs and following up until they finally implement a
local copy. We losely define 100k queries/24h to be acceptable. Above
that, you should set up your local (private) mirror (and hey, rsync is
free!).
And there are some entities that do not even acknowledge that a problem
exists -- most likely until you turn access off for them. Yes, I can
completely understand Spamhaus & Co for limiting access to their public
mirrors.
(OTOH, blocking access to these abusers is hard since our infrastructure
partly relies on donated, shared public DNSBL mirrors.)
-- Matthias
