[121174] in North American Network Operators' Group
Re: SORBS on autopilot?
daemon@ATHENA.MIT.EDU (Brian Keefer)
Tue Jan 12 13:49:23 2010
From: Brian Keefer <chort@smtps.net>
In-Reply-To: <EC670BD6-75B4-4916-889C-4F07E576E6D8@jedsmith.org>
Date: Tue, 12 Jan 2010 10:48:31 -0800
To: Jed Smith <jed@jedsmith.org>
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 12, 2010, at 10:31 AM, Jed Smith wrote:
>=20
> Given the first few replies I received, allow me to clarify, now that =
I've
> ... apparently angered the anti-spam crowd:
>=20
I wouldn't say that necessarily accurate. I could be considered part of =
the "anti-spam crowd", seeing as that's my line of work.
I think DULs are a really dumb way to block spam. Making a binary =
decision off of information that's wrong as often as it's right it's a =
great way to create collateral damage and just generally cause more =
headaches for everyone. Sure, you could take PTR content into account =
as _part_ of your decision on how to treat incoming e-mail (or =
connections, for that matter), but it should never be the _whole_ =
decision.
Keeping track of observed behavior is much more indicative of whether an =
IP is going to send you spam than just assuming all IPs are dynamic =
until proven otherwise (through some laborious 12-step process, possibly =
including bribes^H^H^H^H^H^Hdonations). There are several =
enterprise-class, best-of-breed vendors using the former technique =
rather than the latter. I think you'll find it's low-end, =
unsophisticated outfits who use the latter method.
Yes PTRs should be more accurate and informative, but very often the =
people standing up mail servers aren't the people who have control over =
the DNS and barely even understand how it works. Many organizations who =
have access to directly edit their forward zones don't have that kind of =
access to their reverse zones and find updating that information to be =
somewhat of an arcane process.
DNS should really be taught in schools.
--
bk=
