spamassassin-users January 2011 archive
Main Archive Page > Month Archives  > spamassassin-users archives
spamassassin-users: Re: IPv6 DNSBL/WL design, was Fwd: [Asrg] dr

Re: IPv6 DNSBL/WL design, was Fwd: [Asrg] draft-levine-iprangepub-01

From: Rob McEwen <rob_at_nospam>
Date: Mon Jan 03 2011 - 17:52:29 GMT
To: "users@spamassassin.apache.org" <users@spamassassin.apache.org>

John Levine said:
>> Rob McEwen said:
>>
>> To be extra clear, the kind of sender's list I was talking about
>> wouldn't be the same as a yellowlist because it would ALL types of IPs
>> (black, white, yellow). Except everyone... including spammers... would
>> have to jump through some hoops to get a single IP that list. But this
>> /then/ VASTLY lowers the number of possible IPs that could be
>> subsequently be whitelisted, blacklisted, or yellowlisted.
>
> Depends what your goals are. As soon as you add even the smallest bit
> of qualification, you have all of the pain of any sort of policy based
> list, people complaining that they're listed, complaining that they're
> not listed, lying to you about whether they qualify, and it's not
> worth the effort. An MTA sees a connecting client as white (accept
> everything), black (reject everything) or color-to-be-named-later
> (accept but filter.) As soon as you think a host is not pure spam,
> you're done, since you'll filter it anyway.

John,

Please reconsider... and how about this twist...

Let the IP registrars (arin.net, etc) add a very nominal fee for
allowing networks to designate particular IPs as being used for SMTP.
Perhaps something like this:

$1.00/year/ip for the non-sequential IPs designated by an organization
for SMTP usage
$0.25/year/ip for additional /*sequential*/ IPs designated by an
organization for SMTP usage

(The first IP in a range would cost $1.00, others in the same sequential
range would be 25 cents each.)

Each IP registrar could then publish a master list of ALL participating
IPs, which would be updated once daily, and could be downloaded as a
compressed file via HTTP, etc.

The ONLY criteria is the payment--and whatever each IP registrar
/*already*/ does regarding designating IP ranges for organizations. This
would absolutely keep the volume of IPv6 mail-sending IPs under control.
Once that is done, 99% of ALL of the problems discussed on this thread
disappear!

Actually, a private organization could do the same thing... but they'd
have two disadvantages over the IP registrars. (1) They'd be accused of
"taking money from spammers", (2) AND... they'd have a harder time
acheiving "critical mass".

IP registrars already take money from spammers and no one things twice
about that. And the IP registrars would have an easier time gaining
"market share" on this idea and could quickly convince everyone in the
industry to block e-mail that is not on that master list at the
beginning of the spam filtering process. Then the DNSBLs would /only/
have to blacklist particular IPs from amongst those which /are/ included
in that master list.

ALL other IPs (not on the master list) would be completely be ignored by
everything for SMTP, as if those IPs didn't exist. So there wouldn't be
a need to blacklist them.

-- Rob McEwen http://dnsbl.invaluement.com/ rob@invaluement.com +1 (478) 475-9032