On Sat, 14 Mar 2004, Paul Vixie wrote:
What you seem to actually be looking for is a connection with a fixed IP address which doesn't share "address reputation" with others.
no, i'm looking for a way to share address reputation amongst a group of serious-minded professional power-users who have learned over the years how to maintain their own BSD or Linux platform.
Ah, so its mostly a boutique mystic issue. I understand. I can't afford Equinix's prices, so I have my personal server in a small colo outside the California earthquake zone. Strictly an issue of money.
Why prevent people from running servers on DSL and cable modem connections, yet say they could run an identical server in a colo?
because most providers don't want to give out static ip addresses, for one thing.
Most DSL and Cable modem providers will assign static IP address, just not for the same price for the same product. You pay more, which turns out to be very close to what you would pay for a static IP address in a colo. Coincidence?
Why is one unsafe, and the other is considered Ok? this isn't a technical thing. it's all about people getting what they want.
Actually its about convincing block list operators that your IP address is "Ok" to run a server. Some block list operators choose to list large ranges of IP address, even if any particular address never did anything, such as all APNIC address or anything they think (but not always is) a "dialup" address. Because block list operators make mistakes, people wanting to run servers are forced to find IP address ranges "far enough away" not to be mistaken for a dialup address range. If the block list operators think it is a "dialup" range, they pre-emptively block all the addresses in the range. If the block list operators think it is a "static" range, regardless if it is a server in a colo or T1 line to your house, they usually don't pre-emptively block the address. It has very little to do with the quality of the ISP's abuse desk. UUNET is listed by Spamhaus as one of the worst ISPs for spam, but UUNET T1 address ranges aren't pre-emptively blocked. But large DSL or cable address ranges, even if the addresses are statically assigned to specific customers, are pre-emptively blocked. I suppose ISPs could create boutique service provider subsidaries for serious-minded professional power-users. Ask ARIN for independent "elite" IP address ranges. Maybe even get a different 1-800 number for customer service and abuse complaints. Of course, customers would pay more for this "elite" service.