[Asrg] Round 2 of the DNSBL BCP

Andrew D Kirch trelane at trelane.net
Tue Apr 1 21:26:28 PDT 2008


Chris Lewis wrote:
> Matthew Sullivan wrote:
>   
>> Chris Lewis wrote:
>>
>>> <t>If this indicator is missing (query of 127.0.0.2 returns NXDOMAIN),
>>> the DNSBL should be considered non-functional.</t>
>>
>> No - there are a few that do not have that address at the moment (they 
>> probably should), but as another example - autoexpiry of the SORBS Proxy 
>> DBs wiped out the test entries until I hardcoded them in the DNSBL export 
>> script to put the entries in regardless of a matching lookup. Consider 
>> the following (not the wording, only the intent):
>>
>>  If 127.0.0.2 is missing the user should look at the status of the DNSBL 
>> as it MAY be due to zone shutdown.
>>     
>
> I do not think it onerous to suggest that existing DNSBLs that don't use 
> 127.0.0.2 should, and there is enough current practice to suggest it 
> should be codified as a BCP.
>
> Secondly, you'll notice I didn't say "considered shut down" or imply 
> permanence.  If a DNSBL that publishes a 127.0.0.2 diagnostic _stops_ 
> doing it, it is indeed operating out of specification (eg: what else is 
> going wrong?) at least temporarily, and probably shouldn't be used 
> further until it starts signalling 127.0.0.2 properly again.
>
> By stating it this simply, it encourages automation, so if something 
> breaks down, email servers _could_ automatically stop trusting the returns.
>   
Mat,
I've generally agreed with you, but I think this is a pretty low 
barrier, and can fix issues for DNSBLs trying to shut down, especially 
with third-party software that uses DNSBLs to filter spam.

Andrew
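
The automation discussed in this thread, as an added example that is not part of the original message or of any DNSBL's own software: a mail filter honours listings from a zone only while its 127.0.0.2 test entry resolves. The class and function names, the zone "dnsbl.example" and the choice to treat resolver errors as "unknown" are assumptions.

```python
import socket

TEST_ENTRY = "127.0.0.2"  # diagnostic address discussed in the thread

def query_name(ipv4, zone):
    """Build the DNSBL query name: reversed octets followed by the zone."""
    return ".".join(reversed(ipv4.split("."))) + "." + zone.strip(".")

def system_lookup(name):
    """Return A records for name, or [] if the name does not exist.
    Other failures (timeout, SERVFAIL) propagate as OSError."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET)
    except socket.gaierror as exc:
        if exc.errno == socket.EAI_NONAME:
            return []
        raise
    return sorted({info[4][0] for info in infos})

class DnsblGate:
    """Honour listings only from a zone whose 127.0.0.2 test entry resolves."""

    def __init__(self, zone, lookup=system_lookup):
        self.zone, self.lookup = zone, lookup
        self.state = "unknown"          # nothing is trusted before the first probe

    def probe(self):
        """Re-check the test entry; returns 'ok', 'suspended' or 'unknown'."""
        try:
            answers = self.lookup(query_name(TEST_ENTRY, self.zone))
        except OSError:
            self.state = "unknown"      # resolver trouble: no verdict on the zone
        else:
            # Test entry missing: stop using the zone until it signals again.
            self.state = "ok" if answers else "suspended"
        return self.state

    def is_listed(self, ipv4):
        """True only if the zone is healthy and returns a record for ipv4."""
        if self.state != "ok":
            return False                # never reject mail on an unhealthy zone
        try:
            return bool(self.lookup(query_name(ipv4, self.zone)))
        except OSError:
            return False
```

Calling probe() on a timer lets a zone that starts publishing 127.0.0.2 again return to service without operator action.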

