[63065] in North American Network Operators' Group
Re: Any way to P-T-P Distribute the RBL lists?
daemon@ATHENA.MIT.EDU (JC Dill)
Thu Sep 25 23:16:13 2003
Date: Thu, 25 Sep 2003 20:03:09 -0700
To: nanog@merit.edu
From: JC Dill <nanog@vo.cnchost.com>
In-Reply-To: <1903.66.31.42.38.1064498894.squirrel@envoy.ci.net>
Errors-To: owner-nanog-outgoing@merit.edu

At 07:08 AM 9/25/2003, Rich Braun wrote:
> But generating the
>blocklist requires real-time reporting back to a central server. Even if the
>server is decentralized, it will still require a relatively small handful of
>accessible IP addresses.

I seem to recall a distributed server network, something called USENET,
uses NNTP for sharing data with other servers in the network... Last I
heard there were over 30,000 such servers netwide/worldwide, all sharing
data with one or more neighbors, automagically sharing data that is input
into one system to all systems in a relatively and reasonably short amount
of time.

I propose that a private spamrbl nntp server system be established. Only
allow feeds from those you know, use PGP authentication for all feeds and
all submissions. If there is a personally verifiable web of trust built
around personally verified signed PGP keys, it should prevent spammers from
infiltrating the system. Perhaps the only way you can get approved/added
to the network is to be approved by your upstream or a peer, and so they
are held accountable for letting you into the system.

This system could house a number of BLs, each as a "newsgroup", allowing each
network to then utilize the BLs that they want to implement in their
network at any given time. Some of the newsgroups could be open, anyone
can add a listing, others would be moderated (e.g. Monkeys or Spamhaus) and
only the moderator(s) could add or remove listings.

It seems too easy. I must be overlooking something really stupid and
obvious about why this won't work.
jc
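
The feed policy proposed in this message (known peers only, signed submissions, open versus moderated groups, flood-fill between neighbours), sketched as an added example that is not part of the original post. Lamport one-time signatures stand in for PGP so the sketch runs on the standard library alone (each key signs a single article); the article format, the group names and the `Node` class are hypothetical.

```python
import hashlib, os

def H(b): return hashlib.sha256(b).digest()

# Lamport one-time signature: a stdlib stand-in for PGP (one article per key).
def keygen():
    sk = [(os.urandom(32), os.urandom(32)) for _ in range(256)]
    return sk, tuple((H(a), H(b)) for a, b in sk)

def _bits(msg):
    d = int.from_bytes(H(msg), "big")
    return [(d >> i) & 1 for i in range(256)]

def sign(sk, msg):
    return [sk[i][b] for i, b in enumerate(_bits(msg))]

def verify(pk, msg, sig):
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for (i, b), s in zip(enumerate(_bits(msg)), sig))

def make_article(sk, pk, group, body):  # hypothetical article format
    return {"group": group, "body": body, "signer": pk,
            "sig": sign(sk, group.encode() + b"\n" + body)}

class Node:
    def __init__(self, trusted, moderators):
        self.trusted = trusted        # public keys in the web of trust
        self.moderators = moderators  # moderated group -> moderator's key
        self.peers = []               # nodes we exchange feeds with
        self.store = {}               # message-id -> accepted article

    def offer(self, art, sender=None):
        signed = art["group"].encode() + b"\n" + art["body"]
        mid = H(signed).hex()         # content hash used as message-id
        if sender is not None and sender not in self.peers:
            return False              # feed from a node we do not know
        if mid in self.store:
            return False              # already seen: ends the flood loop
        if art["signer"] not in self.trusted:
            return False              # signer outside the web of trust
        if (mod := self.moderators.get(art["group"])) and art["signer"] != mod:
            return False              # moderated group: moderator only
        if not verify(art["signer"], signed, art["sig"]):
            return False              # altered or forged article
        self.store[mid] = art         # accept, then flood to neighbours
        for p in self.peers:
            if p is not sender:
                p.offer(art, sender=self)
        return True
```

Every node re-checks the signature and group policy before storing or forwarding, so a rejected article stops at the first node that sees it.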