[21775] in North American Network Operators' Group
Re: Lawsuit threat against RBL users
daemon@ATHENA.MIT.EDU (Karl Denninger)
Thu Nov 19 19:00:56 1998
Date: Thu, 19 Nov 1998 16:39:20 -0600
From: Karl Denninger <karl@Denninger.Net>
To: George Herbert <gherbert@crl.com>
Cc: nanog@merit.edu
In-Reply-To: <199811192158.NAA00517@mail.crl.com>; from George Herbert on Thu, Nov 19, 1998 at 01:58:40PM -0800
On Thu, Nov 19, 1998 at 01:58:40PM -0800, George Herbert wrote:
>
> RBL policy is that they won't block anything more general than
> is warranted by particular spam complaints and the subsequent
> actions in response to those complaints or to a pattern of complaints.
> For example, a bunch of complaints come in reporting that various
> dialups spammed ads for www.biteme.com, a masochist oriented porn site,
> which is hosted on an IP address which is part of wehost.net .
> The proper procedure is that people complaining to RBL have to
> have contacted wehost.net and not gotten appropriate responses.
> RBL people will (always?) contact wehost.net for a final warning
> and status check prior to the block, and will only block
> the /32 corresponding to www.biteme.com's actual IP address.
> Thus, no wehost.net customer other than biteme will be inconvenienced.
That does nothing at all, since the only listener on www.biteme.com's
address is a web server.
> So yes, under (as I understand them) existing RBL rules, it is possible
> for purely innocent parties to get bitten (other non-spam related
> customers of wehost.net) if the ISP fails to respond properly
> for a significant length of time and number of incidents.
> I feel that's fair; if the ISP becomes the problem, then they
> should feel some heat. As long as the criteria for the ISp
> being RBled as a whole are sufficiently demanding so ISPs that
> are merely slow or not-entirely-cooperative don't get unnecessarily
> RBLed, that makes sense to me.
That's not the scenario that was postulated and led to the latest threat.
--
--
Karl Denninger (karl@denninger.net) http://www.mcs.net/~karl
I ain't even *authorized* to speak for anyone other than myself, so give
up now on trying to associate my words with any particular organization.
