On 9/30/2009 10:25 PM, Raymond Dijkxhoorn wrote:
Hi!
I have a lot of mighty servers set up ad have servers at 4 locations. I
have 50mb bought and using about 30 of it now. I am not sure what it
takes to support a default SA inclusion. Does anyone know if what I
described sounds like it is enough?
You personally run all mirrors for DNS lookups? I believe all the
other major DNSBL's have many mirrors not all hosted in the same place.
With SURBL we use much more then 50 mbit. And dont even mention the
stuff you get for free with the regular DDoS once you get on the radar.
If you say, hey i have 20 mbit this should do the trick. Please stop.
Seriously.
It certainly does not sound as enough to me. But then again, i dont use
public mirrors so it wont affect me. But i doubt its a wise move to
include this inside SA just like that.
We advised SA in the past about inclusions like this and that time there
was conscences about the whole idea. Imagine a floaky BL, this will
impact the complete mailprocessing flow of many many ISPs and
organisations.
Its not like pusing out a new version of RedHat (where we also provide
mirrors there) this is much more about impacting people's internal
mailflows. I would really appreciate that this would be handled with
great care.
Mark, how many people are there working on your BL, more then 1? Not
saying this is bad, just pointing out the risk adding stuff inside SA.
Its not a playground its legacy production stuff for many people.
The DoS/DDoS is really a risk, many of the BL operators have been bitten
a lot of times. For SURBL the worst DDoS we have faced got us a little
over 40 Gbit/s. If you feel your company can live without network for
some days, sure, go ahead.... :-) If not, think twice. The DDoS we had
lasted for about 4 days. And we regularly get DDoS attacks, shorter and
longer, on the websites....
To be hounest, and this Mark, is not against you, but the current
situation. How the servers are setup, the single company stuff with the
RBL servers. I rather say, lets include the Barracuda BL, i am not a fan
of that specific list, but the infra is backed up by a large company
doing gigabits of traffic. Not a 'we have 20 mbit left over, lets do it'
Any university user inside .nl has more then that available.
I sincerly hope people realize its a serious thing, and take this mail
to improove things and setups. And please dont include lists that are
not up to the task yet).
This may be of interest..
http://www.uribl.com/mirrors.shtml
