<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=us-ascii">
<TITLE>Message</TITLE>
<META content="MSHTML 6.00.2800.1050" name=GENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=#ffffff>
<DIV><SPAN class=491152806-23072002><FONT face=Arial color=#0000ff size=2>IMHO
Even the really large DNSBL's are barely used -- I think (much) less than 5% of
total human mail recipients are behind a mailserver that uses
one...</FONT></SPAN></DIV>
<DIV><SPAN class=491152806-23072002><FONT face=Arial color=#0000ff
size=2>--Phil</FONT></SPAN></DIV>
<BLOCKQUOTE dir=ltr style="MARGIN-RIGHT: 0px">
<DIV></DIV>
<DIV class=OutlookMessageHeader lang=en-us dir=ltr align=left><FONT
face=Tahoma size=2>-----Original Message-----<BR><B>From:</B>
owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] <B>On Behalf Of
</B>Big_Bandwidth<BR><B>Sent:</B> Tuesday, July 23, 2002 2:14 AM<BR><B>To:</B>
nanog@nanog.org<BR><B>Subject:</B> Security of DNSBL spam block
systems<BR><BR></FONT></DIV>
<DIV><FONT face=Arial size=2>
<DIV><FONT face=Arial size=2>What are the security implications of someone
hacking a DNSBL (Real-time-spam-block-list) and changing the block list to
include (deny email from) some very large portion or all IPv4
space? </FONT></DIV>
<DIV> </DIV>
<DIV>Given that a signifigant number of the spam blocking lists seem to
operate on a shoestring budget in someone's basement, how can we be assured
that they have sufficient resources to secure their systems adequatley, and
monitor for intrusion 24x7?</DIV>
<DIV> </DIV>
<DIV>Unless I am missing something, this would seem to be a real handy and
centralized method for someone to interfere substantially with
the proper operation of a few thousand email servers and hold up global email
traffic for a few hours.</DIV>
<DIV> </DIV>
<DIV>-BB</DIV>
<DIV><FONT face=Arial size=2></FONT> </DIV>
<DIV> </DIV>
<DIV> </DIV>
<DIV> </DIV></FONT></DIV></BLOCKQUOTE></BODY></HTML>