dnsbl's? - an informal survey

Oh, the irony of this thread being initiated by someone with an
@covad.com address. :wink:

I don't have an answer for the originator, but this reminded me of
something about DNSBLs that I've been meaning to ask. Does anyone know
of a black hole list of dynamic cable and DSL clients? What I really
want is one that mimics AOL's block list of dynamic IPs.

A HUGE portion of the spam we were (and still are) receiving came out
of attbi.com, swbell.com, pacbell.com, covad.com, etc. DSL and cable
customers, and almost no legitimate mail. Management resisted
blocking those IPs until AOL led the way. "If they can't send to AOL
either, they can't complain that we're being unreasonable. They'll
have to break down and fix their mail servers."

However, trying to figure out which blocks of IPs these ISPs use for
dynamic connections (which we want to block) versus static allocations
(which we may not wish to) is non-trivial. The few "dynamic" DNSBLs
I've found haven't provided enough documentation about what they
actually are trying to include. Plus, when I tested them, they didn't
seem to block some of the most obvious culprits.

(Before anyone starts arguing the merits of blocking dynamic
addresses, you might as well try to tell me why you need to run an
open relay and I shouldn't block it. I have a dynamic address at
home, and I am blocked by my own filters at work. I figured out long
ago that my home MTA needs to route outgoing email via my ISP's
outgoing SMTP servers, and it has never caused me any problems.)

Wirehub^WEasynet NL's Dynablocker might fit your bill, at least they
have documented what they include.
http://abuse.easynet.nl/dynablocker.html

Pretty much all the dialup lists contain dynamically assigned DSL/cable
IPs as well.

I don't have a problem with rejecting a 56k modem user with one of those
lists. Even I'm leery about rejecting mail from DSL/cable customers in
the same manner. Yes they should SmartHost to their provider. There are
lots of times when that isn't feasible. The most blatant example is those
worthless ISPs that mandate that all mail passing through their MTA claim
to be From and have a Reply-To of the ISP's domain. Nothing like free
advertising for the ISP, eh? If I had an ISP like that and I was unable
to switch to one that wasn't an absolute joke, I'd send direct-to-MX as
well, or at least bounce it off of one of my own MTAs.

AOL be damned. Don't let AOL dictate what you do on your own networks.
I wouldn't block dynamically assigned broadband IPs. However I wouldn't
hesitate a bit about scoring mail off of them. Adding 1 or 1.5 to the
score seems most justified in my opinion.

Justin

Pretty much all the dialup lists contain dynamically assigned DSL/cable
IPs as well.

I don't have a problem with rejecting a 56k modem user with one of those
lists. Even I'm leery about rejecting mail from DSL/cable customers in
the same manner. Yes they should SmartHost to their provider. There are
lots of times when that isn't feasible.

Dialup is a good throw-away, as is cable. DSL gets a bit more
interesting, as you have "upscale" ADSL services, like Speakeasy, that
give out static IPs and they tend to attract people who wish to run
servers at home. Now a list that canned dialup, cable, and most dynamic
IP DSL, that would be just peachy. But from where I sit, I'm still seeing
lots of junk from other sources, usually overseas, and lately a good deal
of domestic from co-lo providers that don't enforce their AUPs.

Charles

Andy Smith wrote:

Hello Charles & All , Love all of you that want to filter ,
  Please do I would be one of those that you'd filter . I've been
  running my little home network for ~8 years using dialup , isdn ,
  adsl , cable . Never could get any employer to fork over better
  than that . It brings to mind something Randy said ,(something
  like) I highly recommend that my competition ...
  That way people (ie: customers who know better) will find a
  non/intelligent-filtering provider . Please THINK before doing .
    Hth , JimL

Mr. James W. Laferriere wrote:

  Hello Charles & All , Love all of you that want to filter ,
  Please do I would be one of those that you'd filter . I've been
  running my little home network for ~8 years using dialup , isdn ,
  adsl , cable . Never could get any employer to fork over better
  than that . It brings to mind something Randy said ,(something
  like) I highly recommend that my competition ...
  That way people (ie: customers who know better) will find a
  non/intelligent-filtering provider . Please THINK before doing .
    Hth , JimL

You seem to think that customers give ISPs a choice. The fact is, customers scream about the 50-90% spam that hits their mailbox and want it gone at any cost. Whitelisting is easy, and done when requested. Customers are happy.

The stance now stands, if you can't afford a static IP address to properly run a mail server, then use a smart host. If a server isn't static, then the IP address can't be trusted or the next guy at that IP address will be a spammer. Most places will whitelist based on email address or vanity domain if asked.

-Jack

Hello Jack ,

Mr. James W. Laferriere wrote:
> Hello Charles & All , Love all of you that want to filter ,
> Please do I would be one of those that you'd filter . I've been
> running my little home network for ~8 years using dialup , isdn ,
> adsl , cable . Never could get any employer to fork over better
> than that . It brings to mind something Randy said ,(something
> like) I highly recommend that my competition ...
> That way people (ie: customers who know better) will find a
> non/intelligent-filtering provider . Please THINK before doing .
> Hth , JimL
You seem to think that customers give ISPs a choice. The fact is,
customers scream about the 50-90% spam that hits their mailbox and want
it gone at any cost. Whitelisting is easy, and done when requested.
Customers are happy.

  White listing is NOT what was being discussed . Tho it can be
  advantageous in the right circumstances .

The stance now stands, if you can't afford a static IP address to
properly run a mail server, then use a smart host. If a server isn't
static, then the IP address can't be trusted or the next guy at that IP
address will be a spammer. Most places will whitelist based on email
address or vanity domain if asked.

  And neither was Static addressing . Filtering was being discussed
  based on some unknown (to me probably others as well) methodology .
    Twyl , JimL

Mr. James W. Laferriere wrote:
<snip>

  White listing is NOT what was being discussed . Tho it can be
  advantageous in the right circumstances .

<snip>

  And neither was Static addressing . Filtering was being discussed
  based on some unknown (to me probably others as well) methodology .
    Twyl , JimL

White listing comes with any blacklist. The blacklists in particular being discussed were the @dynamics, like the PDL and dynablock at easynet. Both lists quite clearly state how they build their lists and what they are designed to block (dynablock only takes out dialup, and PDL takes out all dynamic addressing).

Given the number of insecure client systems on dynamic addressing (proxy servers, trojans, etc), accepting email from dynamic addresses is becoming inherently more dangerous. If smarthosts can't be used from those addresses, then special whitelisting can be done.

Of course, the person implementing email blocks of any type, especially public blacklists, must take some amount of responsibility in maintaining legitimate email communications as dictated by users.

-Jack
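
Added example, not part of any post in this thread: a sketch of the two ideas raised so far, adding 1.5 to a message's score for a dynamic-list hit instead of rejecting, and consulting a whitelist before the list. The zone name, whitelist range, base score and the injected resolve function are assumptions made for the example; the sample zone data is constructed.

```python
import ipaddress
import socket

# Hypothetical values for this example; only the weight comes from the thread.
DYNAMIC_ZONE = "dynamic.dnsbl.example"   # placeholder zone, not a real list
DYNAMIC_WEIGHT = 1.5                     # "adding 1 or 1.5 to the score"
LISTED_NET = ipaddress.IPv4Network("127.0.0.0/8")  # DNSBL answers live here

def dnsbl_qname(ip, zone):
    """192.0.2.10 + zone -> 10.2.0.192.zone (octets reversed, as in in-addr.arpa)."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + zone

def system_resolve(qname):
    """Live lookup: A records for qname, or [] when the name does not resolve."""
    try:
        return socket.gethostbyname_ex(qname)[2]
    except OSError:
        return []

def is_listed(ip, zone, resolve):
    # Only 127.0.0.0/8 answers count. Anything else (NXDOMAIN rewriting, a
    # parked or wildcarded zone) must not be treated as a listing.
    answers = resolve(dnsbl_qname(ip, zone))
    return any(ipaddress.IPv4Address(a) in LISTED_NET for a in answers)

def score_connection(ip, base_score, resolve, whitelist=()):
    """Return (score, reason); the whitelist is consulted before the DNSBL."""
    addr = ipaddress.IPv4Address(ip)
    if any(addr in ipaddress.IPv4Network(net) for net in whitelist):
        return base_score, "whitelisted"
    if is_listed(ip, DYNAMIC_ZONE, resolve):
        return base_score + DYNAMIC_WEIGHT, "dynamic-listed"
    return base_score, "not-listed"

# Constructed sample zone data (documentation address ranges), used offline.
FAKE_ZONE = {
    "10.2.0.192.dynamic.dnsbl.example": ["127.0.0.2"],       # listed
    "77.100.51.198.dynamic.dnsbl.example": ["203.0.113.5"],  # bogus answer
}

def fake_resolve(qname):
    return FAKE_ZONE.get(qname, [])

if __name__ == "__main__":
    for ip in ("192.0.2.10", "198.51.100.77", "203.0.113.9"):
        print(ip, score_connection(ip, 2.0, fake_resolve))
    print(score_connection("192.0.2.10", 2.0, fake_resolve, ["192.0.2.0/28"]))
```

Passing system_resolve in place of fake_resolve performs real lookups against whatever zone is configured.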

Hello Jack ,

Mr. James W. Laferriere wrote:
<snip>
> White listing is NOT what was being discussed . Tho it can be
> advantageous in the right circumstances .
<snip>
> And neither was Static addressing . Filtering was being discussed
> based on some unknown (to me probably others as well) methodology .
> Twyl , JimL

White listing comes with any blacklist. The blacklists in particular
being discussed were the @dynamics, like the PDL and dynablock at
easynet. Both lists quite clearly state how they build their lists and
what they are designed to block (dynablock only takes out dialup, and
PDL takes out all dynamic addressing).

  Query , How is it determined that the address in question is
  dynamic or not ? Who/how/what makes that determination ?
  This is the core of my concerns .

Given the number of insecure client systems on dynamic addressing (proxy
servers, trojans, etc), accepting email from dynamic addresses is
becoming inherently more dangerous. If smarthosts can't be used from
those addresses, then special whitelisting can be done.

  Highly agreed . But sure am hoping some better solutions are
  being developed .

Of course, the person implementing email blocks of any type, especially
public blacklists, must take some amount of responsibility in
maintaining legitimate email communications as dictated by users.

  YES ! Without this there is no check &/or balance to the
  procedure/s in use . Twyl , JimL

It's usually determined via in-addr.arpa, whois data, or direct
information from the provider. When MAPS was freely available, I used to
periodically email them updates on our IP space (please add these dial
ranges, please remove these others). I'm sure others did the same.
AFAIK, they had at least one FTE whose job it was to maintain the DUL.

Those large providers who stole copies of the DUL before MAPS pulled the
plug on them, and continued to use them without maintenance still annoy
me as we've run into issues multiple times with space removed from the DUL
still being in their private copies.

> > White listing comes with any blacklist. The blacklists in particular
> > being discussed were the @dynamics, like the PDL and dynablock at
> > easynet. Both lists quite clearly state how they build their lists and
> > what they are designed to block (dynablock only takes out dialup, and
> > PDL takes out all dynamic addressing).
> Query , How is it determined that the address in question is
> dynamic or not ? Who/how/what makes that determination ?
> This is the core of my concerns .

It's usually determined via in-addr.arpa, whois data, or direct
information from the provider. When MAPS was freely available, I used to
periodically email them updates on our IP space (please add these dial
ranges, please remove these others). I'm sure others did the same.
AFAIK, they had at least one FTE whose job it was to maintain the DUL.

Many providers list their own dynamically assigned blocks voluntarily.
It helps the fight against spam to an extent; plus it's good PR.

Someday I expect to either see someone create a list of known MTAs through
which you must register it with some entity, or a list of everything that
isn't an MTA--every statically/dynamically assigned desktop, laptop, home
node, etc... If that ever happens the results should be quite
interesting.

Those large providers who stole copies of the DUL before MAPS pulled the
plug on them, and continued to use them without maintenance still annoy
me as we've run into issues multiple times with space removed from the DUL
still being in their private copies.

I agree. Something like that could have large chunks go stale in a hurry.
If you toss in the number of providers going belly-up since MAPS went
commercial, then that's a lot of netblocks that shouldn't be in the DUL and
aren't if people are paying for a current copy (like we do).

Justin