On Wed, 28 Jan 2004 17:19:08 +0100 Thomas Zangl wrote: >Erik van Straten wrote: >>If major sites like Google, MSN etc. would query rapid DSL and dialup >>blacklists, they could visually inform the visitor that their PC is >>listed (+ inform them what to do, direct them to online AV etc). > >Bad idea! Think about all those hosts listed in a RBL and the users can't >do anything about it? Especially dailup/dsl users with dynamic IP's. So, >I see a warning that my IP is blacklisted because of some idiot spamming >around with my current IP hours ago? > >A working solution (practiced at the TU Graz / Austria) would be an open >mail relay for every user in the ISPs address space and block all outgoing >connections to port 25. The users will be forced to use the ISPs relay and >can't send out virii/[apply your favorite filter rule here] etc...
Indeed. Dynamic IP's *should* be behind such a block (think outbound AV, spamfilter and ratelimiting). Then *they* won't get blacklisted. I know some will pay a price. But now SMTP is fading - for many of us. For ISP's to comply, blacklist maintainers will have to be less strict; some of these lists are counterproductive. Servers with a high legit mail vs. spam ratio should not be blacklisted upon every minor incident, and it should be possible to quickly delist them after a major incident has been resolved. The SORBS maintainer plans to improve things [1]. In order to obtain a net positive effect, using too strict BL's should be avoided (Jonathan A. Zdziarsky's SBL seems great). Erik [1] http://www.merit.edu/mail.archives/nanog/2003-12/msg00300.html _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
