Hi,

On Thu, 10 Jun 2004 09:23:18 -0400 Greg Kopp <[EMAIL PROTECTED]> wrote:

> IMHO, I would not use blackholes.us in a business environment. If it's
> for your own use and you don't mind people you know getting rejected
> mail, then fine.

The .blackholes.us zones list large swaths of network space which is what you'd expect of a zone that listed all of, say, China.

> But if it is your intention to actually do business with people, and to
> have them send you e-mail, I would stay away from it.

At least know what you're getting into. One might be able to whitelist specific contacts and blackhole the rest, depending on who one intends to correspond with.

> The maintainer has been known to arbitrarily list every single IP
> address belonging to some major ISPs because of past abuses.

I don't believe it's arbitrary and it may have nothing to do with abuse. If the intent is to list all known network space of Comcast or Cogentco for example, it makes perfect sense. Now, why he chooses to create a zonefile for Comcast vs XS4ALL or Chello may be due to abuse; I don't know. What's more important is that the listings are accurate.

> This is not an entirely bad practice. However, personal experience has
> shown me that small businesses and even some larger businesses are not
> going to switch ISPs because they can't send YOU mail or because their
> IP address is listed in blackholes.us because 100 years ago a few of
> those IPs were open relays.

If you're trying to change people's behavior, using a DNSBL is probably not the way to do it. However, if enough people reject traffic such that a particular organization (country, ISP, etc.) finds itself isolated into a virtual intranet, there's a possibility they'll change, if the value of connecting to those that block them exceeds the cost of change. From a network operator's viewpoint, one has to determine if the benefit of accepting traffic from Cogentco, Chinanet, or Comcast (for example) is worth the cost (in terms of abuse and security incidents, etc.) That is, one should block to preserve the limited resources you're responsible for providing with no expectation that anyone's behavior will change as a result.

> The maintainer has also been rumored to block major ISPs simply because
> he doesn't like them.

What mail he accepts or rejects is his business. Our only concern should be the accuracy of the zone files he publishes. In order to use DNSBLs effectively, you need to clearly understand the blacklist operator's listing policy as well as your own policy, and have a reasonable belief that the blacklist operator will follow their stated policy. I haven't heard of blackholes.us deviating from their stated policies; then again, I don't use their blacklists. If I did, I'd probably use them within SA rather than to block at the MTA or firewall level.

Caveat utilitor,

--
Bob
