Hi!
I have a lot of mighty servers set up ad have servers at 4 locations. I
have 50mb bought and using about 30 of it now. I am not sure what it
takes to support a default SA inclusion. Does anyone know if what I
described sounds like it is enough?
You personally run all mirrors for DNS lookups? I believe all the other
major DNSBL's have many mirrors not all hosted in the same place.
With SURBL we use much more then 50 mbit. And dont even mention the stuff
you get for free with the regular DDoS once you get on the radar. If you
say, hey i have 20 mbit this should do the trick. Please stop. Seriously.
It certainly does not sound as enough to me. But then again, i dont use
public mirrors so it wont affect me. But i doubt its a wise move to
include this inside SA just like that.
We advised SA in the past about inclusions like this and that time there
was conscences about the whole idea. Imagine a floaky BL, this will impact
the complete mailprocessing flow of many many ISPs and organisations.
Its not like pusing out a new version of RedHat (where we also provide
mirrors there) this is much more about impacting people's internal
mailflows. I would really appreciate that this would be handled with
great care.
Mark, how many people are there working on your BL, more then 1? Not
saying this is bad, just pointing out the risk adding stuff inside SA. Its
not a playground its legacy production stuff for many people.
The DoS/DDoS is really a risk, many of the BL operators have been bitten a
lot of times. For SURBL the worst DDoS we have faced got us a little over 40
Gbit/s. If you feel your company can live without network for some days,
sure, go ahead.... :-) If not, think twice. The DDoS we had lasted for
about 4 days. And we regularly get DDoS attacks, shorter and longer, on
the websites....
To be hounest, and this Mark, is not against you, but the current
situation. How the servers are setup, the single company stuff with the
RBL servers. I rather say, lets include the Barracuda BL, i am not a fan
of that specific list, but the infra is backed up by a large company doing
gigabits of traffic. Not a 'we have 20 mbit left over, lets do it' Any
university user inside .nl has more then that available.
I sincerly hope people realize its a serious thing, and take this mail to
improove things and setups. And please dont include lists that are not up
to the task yet).
thanks for you time.
Raymond Dijkxhoorn.