Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] letit2 [.] bit blacklist

discuss AT

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] letit2 [.] bit blacklist

Chronological Thread 
  • From: Jeff Taylor <shdwdrgn AT>
  • To: discuss AT
  • Subject: Re: [opennic-discuss] letit2 [.] bit blacklist
  • Date: Wed, 02 Aug 2017 15:03:31 -0600
  • Authentication-results:; dmarc=none
  • Dmarc-filter: OpenDMARC Filter v1.3.0 9752C2D4CF

Well I got my whitelist access issue sorted out. Funny thing is I think I had an open resolver running on the old ISP as well. Now it's working properly so it will resolve any of my local domains for everyone, but only resolve recursively to those who are whitelisted. That should also resolve my issues with spamhaus and anyone else who wants to pretend like they are the guardians of the internet.

The filter has been pulled from, it is once again fully resolving the internet.

I agree that we should not be bullied by entities such as spamhaus. I mean, they're a great filter, I use the myself on my mail servers, but they are certainly NOT going to stop the spam problem by blacklisting all opennic servers. However you have to keep in mind that opennic is run by *volunteers*. We don't all have money to pay for both our private connections AND a hosted server, and some concessions should be made since this whole project started out on people's home servers and many of us still run services from there.

Whitelisting is certainly an option though. That's what I do (or *thought* I was doing) and when it's working properly it should prevent any such issues from outside entities blocking us. However perhaps it is time to reconsider a 'filtered' option? A number of servers run on multiple ports... what if we had a domain blacklist distributed through the API that would allow people to run filtered DNS queries on port 53, but allow unrestricted queries through an alternate port? For that matter, I could even see running whitelisting on port 53 and unrestricted access on an alternate port. There are any number of possibilities available here, so I don't think we should discount any options that allow our members to continue running their public servers without harassment.

On 08/02/2017 02:16 PM, Al Beano wrote:
Why does it matter? Spamhaus can make as many lists as they want, OpenNIC
doesn't answer to them.

If they're going to do this, I think it's best to concede that you can't run
DNS and mail on a single server — I'd rather that than be bullied by Spamhaus.

Archive powered by MHonArc 2.6.19.

Top of Page