[Dshield] Idea for dealing with ISPs that ignoreabusenotificatons was RE: The Art/Tao/Zen of Abuse e-mails(Was:[Fwd: WHY IS YOURCUSTOMER...])

Valdis.Kletnieks at vt.edu Valdis.Kletnieks at vt.edu
Sun Aug 27 20:29:23 GMT 2006


On Sat, 26 Aug 2006 10:45:51 PDT, "Tomas L. Byrnes" said:
> I think this is great, for a network that doesn't NEED to provide access
> from the broader Internet on a non-prior contact basis (like your home
> PC, or a small company that uses outsourced e-Mail). 

Note that I replied to a paragraph that specifically said the sources
they needed to talk to was a dozen or so.  The point is that all too
often in this sort of situation, the firewall admin *still* tries to block
bad sources, rather than just allow known good ones....
 
> But it doesn't work at all for general purpose web servers, or mail
> servers where you actually may want to hear from people you've never
> heard from before.
> 
> Both those criteria apply to just about anyone who uses the 'net for
> business purposes.

I think you'll find that *MOST* people using the net for business can
trim out a *lot* of stuff.  If you only actually transact business inside
the US, you probably don't need to allow connections from the Pacific Rim
or Europe.  Lop.  Lop.  Lot less sources for mischief.  (And it works both
ways - if you're a Tokyo-based company, it may very well be reasonable to
lop off all US netblocks...)

Yes, some sites *have* to talk to the whole world, because they're global.
For instance, I'd be summarily made fun of if I suggested my site did any
major filtering like that, because we really *do* talk to the world.

On the other hand, www.shelor.com is a car dealership in this county.  How
much are they *really* going to hurt their sales if they restrict hits to
US sources only?  How many times have they sold a car to a Canadian? Or
somebody from France?  Or Zimbabwe?  They're a *huge* dealership, but I doubt
they are *that* huge... ;)

(Strictly speaking, shelor.com shouldn't even be polluting the .com zone, but
should be under .va.us someplace - but *that* battle is long lost....)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 226 bytes
Desc: not available
Url : http://lists.dshield.org/pipermail/list/attachments/20060827/c9921c00/attachment.bin 


More information about the list mailing list