On Sep 8, 2009, at 11:13 AM, Jay Hennigan wrote:
John Curran wrote:
<snip>
I'm sure there's an excellent reason why these addresses stay
blocked, but am unable to fathom what exactly that is...
Could some folks from the appropriate networks explain why
this is such a problem and/or suggest additional steps that
ARIN or the receipts should be taking to avoid this situation?
I don't think there is an excellent reason, more likely inertia and
no real incentive to put forth the effort to proactively remove
addresses.
<snip>
In addition there are several DNSBLs with different policies
regarding delisting. Some just time out after a period of time
since abuse was detected. Some require action in the form of a
delisting request. Some require a delisting request and a time
period with no abuse. Some (the old SPEWS list) may not be easily
reached or have well defined policies.
In meatspace, once a neighborhood winds up with a reputation of
being rife with drive-by shootings, gang activity and drug dealing
it may take a long time after the last of the graffiti is gone
before some cab drivers will go there.
--
Jay Hennigan - CCIE #7880
<snip>
I think this most accurately reflects the reality I see dealing with
mostly enterprises and mid-to-large xSPs.
A lot of mid-range enterprises out there have legacy "free" (often
meaning "subscriptions aren't enforced") DNSBLs in place that were
configured years ago as a desperate attempt to reduce e-mail load,
before there were well-maintained alternatives. The problem is that
these services usually don't have the resources to put a lot of
advanced automation and sophisticated logic into place, so delisting
is a huge hassle (and some times resembles extortion).
There are some quality "free" services, such as Spamhaus (speaking
personally), but they're few and far between.
I've had better luck convincing customers (or customers of customers)
to stop using the poorly-maintained legacy DNSBLs than I've had
getting customers delisted from such services.
YMMV.
Brian Keefer
Sr. Solutions Architect
"Defend email. Protect data."