At 07:08 AM 9/25/2003, Rich Braun wrote:
> But generating the blocklist requires real-time reporting back to a central server. Even if the server is decentralized, it will still require a relatively small handful of accessible IP addresses.

I seem to recall a distributed server network, something called USENET, uses NNTP for sharing data with other servers in the network... Last I heard there were over 30,000 such servers netwide/worldwide, all sharing data with one or more neighbors, automagically sharing data that is input into one system to all systems in a relatively and reasonably short amount of time.

I propose that a private spamrbl nntp server system be established. Only allow feeds from those you know, use PGP authentication for all feeds and all submissions. If there is a personally verifiable web of trust built around personally verified signed PGP keys, it should prevent spammers from infiltrating the system. Perhaps the only way you can get approved/added to the network is to be approved by your upstream or a peer, and so they are held accountable for letting you into the system.

This system could house a number of BLs, each as a "newsgroup", allowing each network to then utilize the BLs that they want to implement in their network at any given time. Some of the newsgroups could be open, anyone can add a listing, others would be moderated (e.g. Monkeys or Spamhaus) and only the moderator(s) could add or remove listings.

It seems too easy. I must be overlooking something really stupid and obvious about why this won't work.

jc
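
The admission rules proposed in the message above (signed submissions, approval by an upstream or peer, open versus moderated lists), sketched as an added example that is not part of the original message. HMAC-SHA256 stands in for PGP signatures so the sketch runs offline, and the member names, keys, group names and addresses are all constructed.

```python
import hashlib
import hmac
# Constructed sample data. HMAC-SHA256 is a stand-in for PGP signatures; a real
# feed would verify a detached PGP signature against the signer's public key.
KEYS = {"root": b"k0", "isp-a": b"k1", "isp-b": b"k2", "outsider": b"k3"}
SPONSOR = {"isp-a": "root", "isp-b": "isp-a"}   # member -> who approved it
MODERATORS = {"bl.open": None, "bl.moderated": {"isp-a"}}  # None = any member

def sign(signer, group, action, ip):
    return hmac.new(KEYS[signer], f"{group}|{action}|{ip}".encode(), hashlib.sha256).hexdigest()

def sponsor_chain(member):
    """Approvers from member up to root (who answers for whom), or None."""
    chain = [member]
    while chain[-1] != "root":
        parent = SPONSOR.get(chain[-1])
        if parent is None or parent in chain:   # unapproved, or a loop
            return None
        chain.append(parent)
    return chain

def check(article):
    """Return (accepted, reason or approval chain) for one listing article."""
    signer, group = article["signer"], article["group"]
    if signer not in KEYS or group not in MODERATORS:
        return False, "unknown signer or group"
    expected = sign(signer, group, article["action"], article["ip"])
    if not hmac.compare_digest(expected, article["sig"]):
        return False, "bad signature"
    chain, mods = sponsor_chain(signer), MODERATORS[group]
    if chain is None:
        return False, "signer has no approval chain"
    if mods is not None and signer not in mods:
        return False, "not a moderator"
    return True, chain

def apply_feed(articles):
    """Build per-group blocklists from the accepted add/remove articles."""
    lists = {g: set() for g in MODERATORS}
    for a in [a for a in articles if check(a)[0]]:
        if a["action"] == "add":
            lists[a["group"]].add(a["ip"])
        elif a["action"] == "remove":
            lists[a["group"]].discard(a["ip"])
    return lists

def article(signer, group, action, ip, sig=None):
    return {"signer": signer, "group": group, "action": action, "ip": ip,
            "sig": sig or sign(signer, group, action, ip)}
```

For an accepted article, `check` returns the chain of approvers, which is the record of who is accountable for the submitter being in the network.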