[121168] in North American Network Operators' Group
Re: SORBS on autopilot?
daemon@ATHENA.MIT.EDU (Jon Lewis)
Tue Jan 12 12:33:59 2010
Date: Tue, 12 Jan 2010 12:33:19 -0500 (EST)
From: Jon Lewis <jlewis@lewis.org>
To: Jed Smith <jed@jedsmith.org>
In-Reply-To: <9E57EFB7-12FB-4A5F-A82E-B67DBEC52C57@jedsmith.org>
Cc: nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

On Tue, 12 Jan 2010, Jed Smith wrote:
>> http://tools.ietf.org/id/draft-msullivan-dnsop-generic-naming-schemes-00.txt
>
> At the risk of hijacking the thread, is this draft considered to be of
> importance outside of SORBS' domain at all? When handling a /24 that
> ended up on the DUL -- I feel this thread's pain -- I made the case that
> this draft expired years ago by the book and never got any further. The
> DUL companies like SORBS, Trend Micro, et al. all point to this
> document as justification for their practices, however; wouldn't that be
> considered violating it, given the preamble on page 1?

Sure, it's expired and never made it to RFC status. But are the "DUL"s
really pointing at it as justification for their policies, or simply
pointing to it as a handy place to find a set of reasonably sensible
suggested practices for DNS naming schemes? If there's another similar
document, I'm not aware of it.

I don't know that following the schemes the draft proposes is required for
keeping IPs off any "DUL", but I sure wish people would at least read it
and consider some of the ideas presented...namely that their DNS naming
scheme should clearly indicate an IP's purpose, at least if they want that
IP to be useful for sending email.

For example, take the following IPs and their PTRs:

70.42.226.181    sm-70-42-226-181.quepasa.com
78.228.245.8     mad26-1-78-228-245-8.fbx.proxad.net
83.185.129.102   m83-185-129-102.cust.tele2.se
118.137.228.242  fm-ip-118.137.228.242.fast.net.id
189.84.86.106    189-84-86-106.marinter.com.br

All of them have recently tried sending mail. How many are mail servers?

As the vast majority of spam now comes from bot-infected end user systems,
it's increasingly important to be able to easily differentiate mail servers
from !mail servers. rDNS is a cheap and easy (or at least it can be if
the provider chooses) way to do it.

Those who choose to ignore the ideas presented in
draft-msullivan-dnsop-generic-naming-schemes-00.txt do so at their own
peril.

----------------------------------------------------------------------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
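
The rDNS check the message argues for, sketched as an added example that is not part of the original post or of any blocklist's code: it flags a PTR as "generic" when the name embeds the address's own octets and carries no mail-role label. The hint words, the three result labels and the two `example.net` hosts are assumptions constructed for illustration.

```python
import ipaddress
import re

# Assumed hint words for mail hosts; not taken from the draft or any blocklist.
MAIL_HINTS = {"mail", "mx", "smtp", "mta", "relay"}

def embeds_ip(ip, ptr):
    """True if the PTR contains the address's four octets as consecutive
    decimal numbers, in forward or reversed order."""
    octets = [int(o) for o in str(ipaddress.IPv4Address(ip)).split(".")]
    runs = [int(r) for r in re.findall(r"\d+", ptr)]
    for want in (octets, octets[::-1]):
        for i in range(len(runs) - 3):
            if runs[i:i + 4] == want:
                return True
    return False

def has_mail_hint(ptr):
    """True if any name token, with trailing digits stripped, is a hint word."""
    tokens = re.split(r"[^a-z0-9]+", ptr.lower())
    return any(t.rstrip("0123456789") in MAIL_HINTS for t in tokens)

def classify(ip, ptr):
    """Return 'mail', 'generic' (per-address name, no stated role) or 'unknown'."""
    if has_mail_hint(ptr):
        return "mail"
    if embeds_ip(ip, ptr):
        return "generic"
    return "unknown"

# The five IP/PTR pairs quoted in the message.
FROM_MESSAGE = [
    ("70.42.226.181", "sm-70-42-226-181.quepasa.com"),
    ("78.228.245.8", "mad26-1-78-228-245-8.fbx.proxad.net"),
    ("83.185.129.102", "m83-185-129-102.cust.tele2.se"),
    ("118.137.228.242", "fm-ip-118.137.228.242.fast.net.id"),
    ("189.84.86.106", "189-84-86-106.marinter.com.br"),
]
# Constructed contrast cases in documentation address space.
CONSTRUCTED = [("192.0.2.25", "mx1.example.net"), ("192.0.2.77", "host.example.net")]

if __name__ == "__main__":
    for ip, ptr in FROM_MESSAGE + CONSTRUCTED:
        print(f"{ip:16} {ptr:40} {classify(ip, ptr)}")
```

All five names from the message come back "generic": the PTR alone says nothing about whether the host is meant to send mail, which is the ambiguity the message describes.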