Re: [Asrg] DNSBL BCP v.2.0
Dear Nick & Co.,
Thank you for publishing this very nice DNSBL BCP draft! I personally,
still being a student, learned a lot from this paper and want to
share some of my thoughts.
> or flawed formmail scripts on web pages. Additional DNSBLs were
> developed by others in order to address these changing tactics, and
> today more than 700 DNSBLs are in operation.
I don't mistrust you, but I am very interested in the source of this
figure of 700 :)
> When choosing to adopt a DNSBL, an administrator should keep the
> following questions in mind:
> 1. What is the intended use of the list?
> 2. Does the list have a web site?
> 3. Are the list's policies stated on the web site?
> 4. Are the policies stated clearly and understandably?
> 5. Are web pages for removal requirements accessible and
>    functioning properly?
> 6. How long has the list been in operation?
> 7. What are the demographics and quantity of the list's user base?
> 8. Are comparative evaluations of the list available?
> 9. What do your peers or members of the Internet community say
>    about the list.
Personally I would add the following:
- How much does the usage of the list cost?
- How can I access the list (DNS, rsync, HTTP, ..)?
> Most DNSBLs can effectively use a "no questions asked" removal
> policy because by their very nature they will redetect or relist
> problems almost immediately. They can mitigate more organized
> attempts to "game" the system by elementary checking and
> rate-limiting procedures, increasing lockout periods, rescans etc.
> Furthermore, a few IP addresses more or less do not make a
> significant difference in the overall effectiveness of a DNSBL.
> Moreover, a "no questions asked" removal policy provides the
> huge benefit of a swift reaction to incorrect listings.
What about when we talk about removing entire net ranges, e.g. a /8
network? IMHO it's dangerous to simply remove such an entry from
the list. On the other hand, it should not only be possible to
remove single IP addresses, since some/most providers use MTAs
from at least /24 blocks to spread their mails.
> the DNSBL. There SHOULD NOT be any extra rules for de-listing
> other than the ones listed in the published listing criteria.
Does this imply that removal SHOULD be cost-free?
> Removals SHOULD be possible in the absence of the list admin.
Why is this not a MUST? An absence will harm the list and of
course its users in a very bad way.
> 3.2. Cessation of List Operations MUST Be Done in a Graceful Fashion.
I suggest adding that list administrators SHOULD publish it (website,
newsletter, common mailing lists etc.) in time before going down.
Finally, I feel the need to mention a news service in terms of
a newsletter or a mailing list. Some DNSxLs (e.g. ahbl.org) offer
such services that guarantee a user of these DNSxLs to be up-to-date.
I prefer this way of notification rather than polling websites.
All the best,
/Christian
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg
Received on Tue Jun 19 08:30:44 2007