On Wed, 09 Sep 2009 15:13:44 EDT, Martin Hannigan said:
Not sure that this is an ARIN problem more than an operational problem since RBL's are opt-in. An effort to identify RBL's that are behaving poorly is probably more interesting at this point, no?
I suspect the problem isn't poor RBLs, it's all the little one-off block lists out there. The NANOG lurker in the next cubicle informs me that we currently carry an astounding 52,274 block entries (to be fair, a large portion is due to our vendor's somewhat-lacking block list - if we decide a /24 is bad, but then want to whitelist 1 IP, we have to de-aggregate to 254 black entries instead). We get maybe 5-6 blocked e-mail complaints a day - which *still* represents better performance for our end users than if we didn't carry around that many blocks (for comparison, we get at least 3-4 times that many tickets a day for people who forgot their e-mail password and need a reset). And yes, it's *very* intentional that we have a business process in place that makes it trivially easy for one of our users to open a "I can't get e-mail from <here>" and get it taken care of *very* quickly, but opening a "We can't send e-mail to your users" is a lot more challenging and time consuming (at least for the complaintant). Now, if we didn't have a dedicated, hard-working, and skeptical lurker in the next cubicle, our block list *would* be a mess.. ;)