[50267] in North American Network Operators' Group
Re: Security of DNSBL spam block systems
daemon@ATHENA.MIT.EDU (Len Rose)
Wed Jul 24 07:57:08 2002
Date: Wed, 24 Jul 2002 07:56:33 -0400
From: Len Rose <len@netsys.com>
To: nanog@nanog.org
In-Reply-To: <a05111b12b96369f701e3@[10.0.1.60]>; from brad.knowles@skynet.be on Tue, Jul 23, 2002 at 10:20:58PM +0200
Errors-To: owner-nanog-outgoing@merit.edu
--zhtSGe8h3+lMyY1M
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Tue, Jul 23, 2002 at 10:20:58PM +0200, Brad Knowles wrote:
>=20
> At 2:29 AM -0400 2002/07/23, Phil Rosenthal wrote:
>=20
> > IMHO Even the really large DNSBL's are barely used -- I think
> > (much) less than 5% of total human mail recipients are behind
> > a mailserver that uses one...
>=20
> Not true. There are plenty of large sites that use them (e.g.,=20
> AOL), and many sites use them to help ensure that they themselves=20
> don't get added to the black lists.
>=20
Is true.. those "large sites" still account for an infinitely small percent=
age
of the net.=20
> IMO, there is a serious risk of having DNSBL servers attacked and=20
> used as a DoS.
Yes, there is a risk but the exposure is negligble if it does occur. I'm
all for anti-spam measures but unless they're universally adopted and the
world governments start putting spammers out of business, these anti-spam
blacklists are more of an annoyance operated by a radical fringe of the
net.=20
I get 500-600 pieces of spam a day, and there is nothing I can do about it.
This topic has also been discussed to death before, the potential for a
DoS atatck is patently obvious to everyone.
[snipped]
(I also trimmed the Cc list)
--zhtSGe8h3+lMyY1M
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (SunOS)
iD8DBQE9PpXxSKuS+yx4meYRAgqjAJ9eppF06vkuHiBax8yKWUQOcIi3hgCfeLo2
fvhH5vYzAu1v4vW27yHQ2Ew=
=vRbz
-----END PGP SIGNATURE-----
--zhtSGe8h3+lMyY1M--
