On Thu, Nov 19, 1998 at 01:58:40PM -0800, George Herbert wrote:
RBL policy is that they won't block anything more general than is warranted by particular spam complaints and the subsequent actions in response to those complaints or to a pattern of complaints. For example, a bunch of complaints come in reporting that various dialups spammed ads for www.biteme.com, a masochist oriented porn site, which is hosted on an IP address which is part of wehost.net . The proper procedure is that people complaining to RBL have to have contacted wehost.net and not gotten appropriate responses. RBL people will (always?) contact wehost.net for a final warning and status check prior to the block, and will only block the /32 corresponding to www.biteme.com's actual IP address. Thus, no wehost.net customer other than biteme will be inconvenienced.
That does nothing at all, since the only listener on www.biteme.com's address is a web server.
So yes, under (as I understand them) existing RBL rules, it is possible for purely innocent parties to get bitten (other non-spam related customers of wehost.net) if the ISP fails to respond properly for a significant length of time and number of incidents. I feel that's fair; if the ISP becomes the problem, then they should feel some heat. As long as the criteria for the ISp being RBled as a whole are sufficiently demanding so ISPs that are merely slow or not-entirely-cooperative don't get unnecessarily RBLed, that makes sense to me.
That's not the scenario that was postulated and led to the latest threat. -- -- Karl Denninger (karl@denninger.net) http://www.mcs.net/~karl I ain't even *authorized* to speak for anyone other than myself, so give up now on trying to associate my words with any particular organization.