Skip to Content.
Sympa Menu

discuss - Re: [opennic-discuss] letit2 [.] bit blacklist

discuss AT

Subject: Discuss mailing list

List archive

Re: [opennic-discuss] letit2 [.] bit blacklist

Chronological Thread 
  • From: Jeff Taylor <shdwdrgn AT>
  • To: discuss AT
  • Subject: Re: [opennic-discuss] letit2 [.] bit blacklist
  • Date: Thu, 03 Aug 2017 09:19:22 -0600
  • Authentication-results:; dmarc=none
  • Dmarc-filter: OpenDMARC Filter v1.3.0 8C5122D522

Regarding blacklists... First off, yes I would definitely be in favor of such a system, and in fact we already have the initial framework in place. Remember the whitelist API? I also set up a blacklist API with the same code. The data resides in LDAP and is part of the ACL list generated by another API.

After my experiments with blocking an individual domain in BIND yesterday, I believe I could modify the blacklist API to also accept domain names. The ACL file would then create separate entries for the domain names that would feed into a localhost hole. Anyone can pick up these files and use them however they want, and I could even add categories to the entries so that members have even finer control of what they block. As always opennic server operators will be free to operate their servers according to their own rules, however I think it that considering the problems we've seen it would be useful to at least provide the tools to handle the issue for those that want it.

On 08/02/2017 01:02 PM, Calum McAlinden wrote:
I think that a blacklist preventing these domains from ever being included in the zone would be a good idea. It could be published, produced and reviewed democratically with full transparency. I would be willing to produce some sort of web interface for this.

Would anyone be in favour of such system? I sense that there is a lot of opposition for any blocking of any kind, but it is important to acknowledge that these domains would probably fall foul of OpenNIC policies and be removed if they were OpenNIC TLDs. It would not make OpenNIC any less democratic, and it is not much different to blocking on individual T2s anyway.

Archive powered by MHonArc 2.6.19.

Top of Page