RE: RBL-type BGP service for known rogue networks?

[Karyn Ulriksen <kulriksen () publichost com>]

Rodney Joffe wrote:
> If you are talking about any of the MAPS black holes (RBL RSS etc.) the
> process of getting in there is not arbitrary. It actually takes work. So
> the likelihood of an innocent bystander ending up there is close to
> zero.

Rodney would know! I remember having to figure out how to email him back in
the early spam days when I was at AnaServe. He'd blackholed one of my
subnets due to a dedicated client I had back then who was spamming
profusely.

The only downsides I saw in it is that our network was not notified prior to
the blackholing (although many avenues where publicly available) and I think
that subnet is STILL (despite many, many requests and 4 years later) listed
on black lists even though its neither being black holed or utilized by
spammers.  However, I wouldn't be surprised if some overzealous netadmin
came across one of those lists and threw it in for good measure.  Not my
problem anymore, but UUNet's next customer who gets that block may be in for
a surprise...

Karyn

-----Original Message-----
From: Rodney Joffe [mailto:rjoffe () centergate com]
Sent: Friday, July 07, 2000 1:53 PM
To: nanog () merit edu
Subject: Re: RBL-type BGP service for known rogue networks?





John Kristoff wrote:
> Perhaps I wasn't clear...
>
> The organization in question does nothing wrong... but somehow gets in
> the blackhole list either by someone spoofing their netblocks, from
> faked complaints or other means.  Thus, causing the said organization to
> be denied connectivity by some malicious person(s).

If you are talking about any of the MAPS black holes (RBL RSS etc.) the
process of getting in there is not arbitrary. It actually takes work. So
the likelihood of an innocent bystander ending up there is close to
zero.

/rlj