ARIN-PPML Message

[arin-ppml] REQUEST FOR ARIN STAFF Was: Re: Policy Proposal 120: Protecting Number Resources

On Tue, Nov 9, 2010 at 6:29 PM, Leo Bicknell <bicknell at ufp.org> wrote:
> The actual number I was looking for was not the size of the space,
> but the NUMBER of netblocks.  I'm more curious if it's 500 or 5000
> defunct blocks per year because I suspect the staff time is more
> proportal to the number of blocks that must be investigated than
> the space.

Hi Leo,

It occurred to me that would be the more interesting number for this
discussion. How many blocks, not total size, and only the ones
reclaimed for non-payment. I'd also like to see the minimum, median
and maximum length of time that the blocks were registered before
reclamation. With those numbers it should be possible to make a decent
SWAG as to how many blocks actually are abandoned down in the legacy
pools.


> But imagine how much spam could be sent, or malware distributed
> from a /16 of space someone was able to hijack because the original
> owner was no longer interested in it.  I think finding this space and
> taking away the big "hijack me" sign on it could be a real benefit to
> the network as a whole.

You know, I don't buy that argument. Space that isn't presently being
announced for whatever reason is vulnerable this activity. The forged
documents that the ISP doesn't scrutinize too closely look exactly the
same. It doesn't really matter whether that's because its abandoned or
because it's merely in a use off the Internet.

In both cases it's really the same difference whether its space
someone brought in or space provided by the ISP. Either way the
complaint quickly finds its way to the ISP which either takes abuse
seriously or doesn't.

If you want *real* antispam value here, have ARIN establish an
RBL-style whitelist and delegate it to the registrants the same way
RDNS is. Let them flag in this DNS tree which servers they *intend* to
originate mail with a default result of "maybe." That'll clean up the
route hijacks for spamming that don't first gain control of the ARIN
record.

Regards.
Bill Herrin


-- 
William D. Herrin ................ herrin at dirtside.com  bill at herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004