At 12:23 PM 6/29/98 PDT, Dave Rand wrote:
Unallocated is (once again) a state of mind. By unallocated, the RBL looks upon the IANA allocation of space, not the ARIN view. So, for example, 2.0.0.0/8 is on the RBL (as is 0.0.0.0/8). We watch for IANA allocation of new blocks, and when they are allocated, remove them from the RBL. Of course, this takes more work, and requires that we watch closely.
I wonder if there could someday be a way to do this without all the work?
The RBL, in BGP mode, is used by route-mapping the addresses listed on the RBL to a specific address. You can, for example, route all traffic to RBL listed hosts to go through a 9600 bps dialup port. Or you can route them to a T1. Or you can route them to the loopback port, which is what most people do. The RBL doesn't filter the BGP table, at all.
Sorry, I misspoke. I just meant that I some customers have specifically requested that I *not* filter/rate limit/drop/whatever blocks in the RBL. But thank you for the suggestion about taking just the /8s from the RBL. I will definitely look into it.
You can't automate it, easily. But by using the RBL, you can certainly get the real-time aspect of it handled well.
Heh, with the RBL, *I* can automate it - you're the one doing the work! :) For which I thank you and Paul and everyone else profusely. Of course, if anyone with a /8 (e.g. BBN or PSI) gets onto the RBL, I could be in trouble. Would the RBL ever list a /8 just for SPAM? (Again, I am not saying that's wrong - people don't have to take the RBL. I'm just asking to make my filters more effective without pissing off my customers.)
Dave Rand
TTFN, patrick ************************************************************** Patrick W. Gilmore voice: +1-650-482-2840 Director of Operations, CCIE #2983 fax: +1-650-482-2844 PRIORI NETWORKS, INC. http://www.priori.net "Tomorrow's Performance.... Today" **************************************************************