[Operators] DNSBLs
Peter Saint-Andre
stpeter at stpeter.im
Wed Nov 18 21:01:41 CST 2009
On 11/18/09 6:54 PM, Sean Dilda wrote:
> Peter Saint-Andre wrote:
>> On 11/18/09 9:39 AM, Sean Dilda wrote:
>>> Norman Rasmussen wrote:
>>>> I was under the impression the DNS block lists don't work well anymore
>>>> (too many false positive, not enough true negatives)
>>> DNS block lists are commonly used by many organizations and large
>>> companies. Often they're used as one of several factors in deciding if
>>> the email received is spam.
>>
>> How is your DNSBL built? What are the inputs? How does the operator of
>> an XMPP service find out if their domain or IP address is listed? Do you
>> return a particular stream error to entities that are on the DNSBL? How
>> does a service remove itself from the list? Where is the list maintained
>> and by whom? How does someone access the list? What if the machine on
>> which the DNSBL is located gets hacked? Does this introduce a single
>> point of failure or attack for the XMPP network?
>>
>> I have many questions. :)
>
> Peter, Who was that directed at? You responded to my post, but it
> sounds like you're asking about Evgeniy Khramtsov's implementation for
> jabber.ru.
Indeed, I was curious about the jabber.ru deployment. I just happened to
reply to the most convenient message. :)
> However, I will give input on the last few and my thoughts on how it
> *should* be done. In the email world there are several independent
> organizations which host dnsbls. Each one has their own standards for
> identifying a spamming site and their own policies for removal, etc.
> Some are known to be very quick to add a site and thus result in many
> false positives, whereas others are more conservative as to what sites
> they add. As such, each site admin is able to choose which dnsbls they
> wish to listen to and how much weight to put on each DNSBLs data.
Well, at least that reduces my concern about a single point of failure
and attack...
Peter
--
Peter Saint-Andre
https://stpeter.im/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 6820 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://mail.jabber.org/pipermail/operators/attachments/20091118/19a84ca4/attachment.bin>
More information about the Operators
mailing list