On 26/06/2010, at 3:51 PM, Nathan Ward wrote:
Educating a customer of any ISP, be it an ADSL
provider or a hotspot provider, that their IP address is in the spamhaus XBL likely
isn't very helpful, especially when it's a public hotspot (where they can't
actually fix the root cause) as opposed to say a home (where they can). Can an end user
de-list themselves from the XBL, or does their ISP have to do it for them?
This is all getting a bit confused with three separate things being mixed together:
- public hotspots nearly all use private address space behind a NAT that aggregates all
the clients behind a single IP, so what gets blocked is the NAT device IP and then by
extension every hotspot user, but individual users are not getting blocked. In this case
the hotspot provider should be paying attention to the RBLs (or at least accepting
notifications) so that they can protect the reputation of their NAT device and the service
available through the hotspot. If they do not do this then over time their hotspot
service will degrade and it will cost them. There is nothing they can realistically do
about their users being infected.
- the education bit is often done by ISPs who find it easier to use an RBL to block and
await the call than to try and contact the user themselves. Obviously not all ISPs see
the business sense in this and some do not even care about infected customers.
- then there are service providers (now called 'cloud' providers but when I were a
lad ...) who are not ISPs, often have peripatetic customers and who wish to protect their
infrastructure. For them is makes sense to use an RBL to protect their systems. Again
the impact of them not doing this is increasing reputational damage. For example if my
email provider that started this thread did not block and I was infected then their mail
servers would soon be labelled as a regular source of spam and people would start to
refuse connections from them, affecting all their customers. Not that sensible for a
'cloud' email provider.
All these things are distinct and all quite rational.
NZNOG mailing list
.nz Registry Services (New Zealand Domain Name Registry Limited)
desk: +64 4 931 6977
mobile: +64 21 678840