Questions about populating RIR with customer information.
Douglas Otis
dotis at mail-abuse.org
Thu Aug 2 18:18:19 UTC 2007
On Aug 1, 2007, at 7:10 AM, <michael.dillon at bt.com>
<michael.dillon at bt.com> wrote:
>
>> Does anyone have any thoughts on this? Sorry if this is the wrong
>> place to ask.
> It would be better for you to join an organization like MAAWG
> http://www.maawg.org/home which is attempting to define best
> current practices for ISPs. I don't know whether or not they have
> dealt with this particular issue yet, but it sounds like something
> that falls under their umbrella.
There were recent efforts made within ASRG with respect to black-hole
lists. The AS, and not the IP address, indicates the responsible
entity.
For our service, some lists coalesce CIDRs into larger ranges based
upon the presences of spam in a majority of the included IP
addresses. This process is algorithmic, and not dependent upon other
information. We now also offer a service where this "escalation" is
not used in less aggressive listings. A customer can now change the
active list at any time. : )
Reverse listing information may help in determining whether a CIDR is
assigned to DUL only when the ISP is not responsive. For the DUL,
the AS is authoritative with respect to what gets listed. As long as
there is some communication with ISP, there should never be a problem
with this list. We are adding a portal to make this process easier
to manage. The other side of this issues is that we tend to deal
with complaints from the ISP's customers who often feel their IP
address should not be placed into this category. In those cases,
these customers must be referred back to their provider, as only
their provider is authoritative in this matter.
Now that Microsoft joined the MAAWG board, security or operational
concerns related to Sender-ID/SPF are being muted. While I admit to
being biased about possible DDoS exploits, it is also clear MAAWG is
somewhat biased about Sender-ID. : (
-Doug
More information about the NANOG
mailing list