This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/anti-abuse-wg@ripe.net/
[anti-abuse-wg] RBL policy
- Previous message (by thread): [anti-abuse-wg] abuse-c implementation
- Next message (by thread): [anti-abuse-wg] RBL policy
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
ox
andre at ox.co.za
Mon Jan 30 07:13:37 CET 2017
Hello All, May I please solicit some comments about Abuse Block lists (Without detracting from RFC 5782 and RFC 6471 or : https://www.ripe.net/publications/docs/ripe-409 ) Firstly, the background for the start of this thread is simply: As the use of machine learning technology is now also applied and adapted for the use of cyber criminals (including spammers, scammers, etc) the rules and what is socially acceptable is and has changed. Global politics, protectionism, nationalism and the other 'isms' are also causing change. Considering that DNSBL tech is "reactive" (after he abuse) The block time policies of RBLs *********************************** There are two main types of block lists: No automatic removal and automatic removal Is the policy to auto de-list after a period of time, still accurate? Considering the change in abuse patterns and technology, should the block times be increased or de-creased? Does society require more specialist non auto de-list DNSBLs? (Would it be helpful to law enforcement to have a "child pornography" dnsbl? or a phish dnsbl? - or is the reactive time to high in order for dynamic ipv4? - but on ipv6 allocations to devices could be more 'permanent'? etc) Andre
- Previous message (by thread): [anti-abuse-wg] abuse-c implementation
- Next message (by thread): [anti-abuse-wg] RBL policy
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]