North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: Lazy network operators - NOT

  • From: Iljitsch van Beijnum
  • Date: Sun Apr 18 12:13:28 2004 
On 18-apr-04, at 16:55, Paul Vixie wrote:
we already know that the average broadband provider is not even aware of their
role in the overall spam problem, and does not have the budget to employ
anyone who could (a) become aware of an HINFO-like registry, (b) know what
category their netblocks belong in, (c) have the technical ability to update
the RFC1101-like info at the apex of the appropriate zones, and (d) get
approval from management/legal/marketing/sales to put this data in. so,
it's going to have to be an external entity like a RIR or DNSBLP who runs
a global "BBL" and externally categorizes these netblocks.
Maybe a stupid question... But if broadband providers aren't going to do this, and considering there are way less legitimate SMTP senders than broadband users, wouldn't it make more sense to whitelist known real SMTP sources rather than blacklist all addresses that potentially have a fake one?

This has the advantage that he solution stays in the hands of the people who are experiencing the problem: SMTP operators.

It would be important to make this a list of legitimate SMTP hosts only, and NOT a list of non-spammers, as the former can be determined through technical means (1) and the latter is open to endless debate. (As we can see with pretty much all existing blacklists.)

(1) I'm assuming spamworms won't be sporting an I-can't-believe-this-isn't-a-real-MTA any time soon.