[rbldnsd] List servers
Scott Haneda
talklists at newgeo.com
Sun Mar 14 22:41:52 MSK 2010
On Mar 14, 2010, at 5:55 AM, Michelle Sullivan <matthew at sorbs.net> wrote:
> If you wish to make a public service and if it becomes popular you
> should prepare for this sort of bandwidth as dealing with the
> traffic as an after thought, whilst not impossible is significantly
> more difficult. You should also be aware that some DNSBls (aka "the
> competition") will request strongly (demand) they are placed first in
> the "we've blocked you" priority, and whilst with some MTAs this can
> mean less lookups to you, it can also mean that you see the traffic
> and the blocked party never sees your blocked message so you will not
> get advertising revenue.
I don't entirely understand this statement. You mean that the default
install of other RBL definition lists get demands to put certain RBL's
higher up in their config lookup order?
For example, SpamAssassin may come pre-defined with 5 known BL's, and
will have pressure from larger BL's to list those in some form of order?
I had no idea about this, nor did I think anyone used the default
lists. Everyone's MTA traffic and internal policy is different. What a
school may get away with using as a BL, an ISP may not, and have to be
much less aggressive.
I also figured advertising as a model of income was really not there.
It's all end user eyeballs blind in my opinion. You may get some
secondary curiosity hitting your website; nothing I would think could
translate to advertising revenue.
If I were to go at this, it would be free for non business use, and
price tiered to queries per day for commercial use.
I always wondered how hard it would be to build the accounting side of
an RBL with that payment model. How to count lookups based on a
particular MTA. They can easily just lookup through a secondary source
like 8.8.8.8, being a source you could never really block requests
from. Or perhaps you could, I suppose most rr's don't have a lot of
business querying an RBL.
Thanks for any general light you can shed on this. It's mostly
curiosity. While my zone is small I do think it is unique and
powerful, but may only prove to be so for my particular user base.
> Similarly if a large appliance vendor (or scoring
> program such as Spamassassin etc) picks up your list you will see a
> lot of DNS queries with no return traffic for any revenue.
Understood. Though still wondering about my previous question.
> For general interest SORBS' main RBL servers are currently running at
> 6.5T/month of DNS traffic per server, there are 15 "main" servers.
Holy smokes. I had no idea. Is that all queries? Or I assume that's a
good deal of rsync as well?
I always figured rsync would be too latent in data to be truly useful.
IP's/email addresses/URI's/domains come and go so fast. This entire
model is built around fast delisting for errors, and even faster
listing for spammers to be effective.
That means an rsync based system to do local lookups would be pulling
your entire zone perhaps once every hour or more? Granted, it's only
the delta that's pulled. Apx what is the delta in MB's in average?
Assuming you can share that data.
> That equates to around US$2000 per month in traffic alone for a
> provider such as Softlayer.
Not a terrible cost. That's bandwidth only though? I assume there are
colocation costs, amperage considerations, and the hardware?
It's not very specialized hardware. Would a rack of many small high
density yet powerful machines such as Mac Mini's be an option?
I can rack up 40 or so of those in maybe 10U of cabinet space front to
back. They put out little heat, use near no power, hold plenty of
memory... I imagine SSD's could be good in this case, if a machine
dies, not a big deal with the redundant nature of this entire system.
> Add to that traffic for rsync access, any website (including delisting
> process and information) and you should realise that starting a new
> DNSBl is nothing to be taken lightly.
Agreed there. I've had this pipe dream a long time. To do something
that could give back to a group community I have leeched off of for a
long time, generally at the cost of no more than what I can donate
every year.
Every time I think about moving forward, I consider many of the things
you brought up, and realize it's not a one man operation. I could get
people to help, but feel you need more. You need people who share a
passion for this completely strange, underground, thankless to the
general public, largely invisible service.
The thanks you get; "Hey jerk, stop blocking my emails. I'll sue
you!!!". "see our FAQ, we do not block emails, talk to your ISP".
Speaking of which, does SORBS retain lawyers? Would you say it's
almost mandatory to do so? Or can some one time legal forms be created
that can be repurposed?
If this all moved way too OT, let me know (list admins and community)
and I'll instantly stop and pull this to where Matt suggested.
Thanks to rbldnsd for your software to make this even possible, great
work, amazing track record in stability and performance. Thank you
Matt & SORBS ( and all DNS lists ) for all you do to our inboxes.
--
Scott * If you contact me off list replace talklists@ with scott@ *
(Sent from a mobile device)