[ppml] black hole lists
Paul Vixie
paul at vix.com
Wed Apr 20 22:59:17 EDT 2005
in today's meeting, william(at)elan mentioned some stuff about what he
called "blacklists". as the original inventor, and as someone who's
spent a lot of time listening to lawyers, i ask you all to please call
them "black hole lists".
i also offered a partial apologia for the existence of the phenomena
of black hole lists in the internet economy. i mentioned an old
argument between myself and john gilmore wherein he complained that
even if my own (at that time) "MAPS RBL" was responsibly run (which
he didn't say was possible), my example would inspire many others to
do the same thing, sometimes for political or hate related reasons,
often irresponsibly. i admitted that this was true (and it was) but
i didn't know of an alternative: the internet had been invaded, and
without an immune system i didn't see how things could continue.
i still don't. as long as there is abuse, there will be black hole
lists. and my closing comment today was "but if you want to kill
black hole lists once and for all time, all you have to do is fund
your abuse desks." someone asked me about this afterward and i told
him "if abuse desks were properly staffed and trained and empowered
to disco customers without lengthy approval processes, then the risk
of subscribing to a black hole list would begin to outweigh the risk
of not subscribing to any, and black hole lists would start to die off."
i recognize that in a post-dot-com-bust economy it's hard to justify
this kind of spending. those of you who refuse my abuse complaints
on the basis that "it has a mime attachment, which could be a virus,
and we're reading the abuse mailbox with microsoft outlook" are very
probably doing the best you can.
but for every $1B the industry doesn't spend proactively on abuse desk
services, the industry will spend $5B on weak reactive handling, and
lose an additional $5B due to false positives, overreactive /
irresponsible black hole lists, lost opportunities, and lost credibility
/ trust.
More information about the ARIN-PPML
mailing list