Questions about populating RIR with customer information.

Thu Aug 2 18:18:19 UTC 2007

On Aug 1, 2007, at 7:10 AM, <michael.dillon at bt.com>  
<michael.dillon at bt.com> wrote:
>
>> Does anyone have any thoughts on this? Sorry if this is the wrong  
>> place to ask.

> It would be better for you to join an organization like MAAWG  
> http://www.maawg.org/home which is attempting to define best  
> current practices for ISPs. I don't know whether or not they have  
> dealt with this particular issue yet, but it sounds like something  
> that falls under their umbrella.

There were recent efforts made within ASRG with respect to black-hole  
lists.  The AS, and not the IP address, indicates the responsible  
entity.

For our service, some lists coalesce CIDRs into larger ranges based  
upon the presences of spam in a majority of the included IP  
addresses.  This process is algorithmic, and not dependent upon other  
information.  We now also offer a service where this "escalation" is  
not used in less aggressive listings.  A customer can now change the  
active list at any time. : )

Reverse listing information may help in determining whether a CIDR is  
assigned to DUL only when the ISP is not responsive.  For the DUL,  
the AS is authoritative with respect to what gets listed.  As long as  
there is some communication with ISP, there should never be a problem  
with this list.  We are adding a portal to make this process easier  
to manage.  The other side of this issues is that we tend to deal  
with complaints from the ISP's customers who often feel their IP  
address should not be placed into this category.  In those cases,  
these customers must be referred back to their provider, as only  
their provider is authoritative in this matter.

Now that Microsoft joined the MAAWG board, security or operational  
concerns related to Sender-ID/SPF are being muted.  While I admit to  
being biased about possible DDoS exploits, it is also clear MAAWG is  
somewhat biased about Sender-ID. : (

-Doug