[80393] in North American Network Operators' Group
RE: Schneier: ISPs should bear security burden
daemon@ATHENA.MIT.EDU (Miller, Mark)
Fri Apr 29 17:44:32 2005
Date: Fri, 29 Apr 2005 15:43:57 -0600
From: "Miller, Mark" <mark.miller@qwest.com>
To: "Steven J. Sobol" <sjsobol@JustThe.net>
Cc: <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu
Well, I have no influence on addressing here, so any comments are mine
alone. A lot of addressing schemes were created in the day before there
was a huge issue with hostile dynamic addresses and the need to be able
to identify them. Addressing assignments, of course, were (and still
are to a large part) driven by routing efficiency.
- Mark
-----Original Message-----
From: Steven J. Sobol [mailto:sjsobol@JustThe.net]=20
Sent: Friday, April 29, 2005 4:40 PM
To: Miller, Mark
Cc: nanog@merit.edu
Subject: RE: Schneier: ISPs should bear security burden
On Fri, 29 Apr 2005, Miller, Mark wrote:
> Unfortunately, a lot of static "business" DSL IP space is still on=20
> those lists and legitimate mail servers can get blocked. I usually=20
> use the DUL as a "white list" to negate hits on the traditional dnsbls
> since those are almost always stale.
<assertion type=3D"applies to USA, don't know about other countries">
That's because the ILECs, especially, don't feel the need to separate
IPs on which servers are allowed, and IPs on which they aren't. SBC is
the worst in this regard. No separation, no custom reverse DNS for DSL
customers, no way to be absolutely certain if sending mail from a
specific IP is a violation of SBC's TOS. </assertion>
I've noticed that you work for Qwest. If the people designing your
network DO have enough clue to separate IPs, bravo... but my experience
is that many ISPs, especially ILECs/RBOCs, don't.
--
JustThe.net - Apple Valley, CA - http://JustThe.net/ - 888.480.4NET
(4638) Steven J. Sobol, Geek In Charge / sjsobol@JustThe.net / PGP:
0xE3AE35ED
"The wisdom of a fool won't set you free" =20
--New Order, "Bizarre Love Triangle"
