[121182] in North American Network Operators' Group
Re: Identifying residential CPE IP addresses? (was: SORBS on
daemon@ATHENA.MIT.EDU (Jed Smith)
Tue Jan 12 15:00:35 2010
From: Jed Smith <jed@jedsmith.org>
In-Reply-To: <1DFA025F-1E21-4B22-AF4C-B4575682556C@ianai.net>
Date: Tue, 12 Jan 2010 14:59:55 -0500
To: "Patrick W. Gilmore" <patrick@ianai.net>,
nanog@nanog.org
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
On Jan 12, 2010, at 2:34 PM, Patrick W. Gilmore wrote:
> On Jan 12, 2010, at 2:11 PM, Michael Thomas wrote:
>
> 3) Should people really argue over what other people do with their own
> machines? You don't like SORBS, don't use it. Someone you need to talk
> to likes SORBS, make them stop, or conform. Might as well argue over a
> website using HTTPS when you don't like encryption.

I don't think the discussion is about SORBS, I think it's about this standards
draft that SORBS points to. Here, I'll lay out what I'm saying simply (and
retitle the thread so the SORBS issue will go away):

1. Your mailserver receives a connection from a previously-unknown relay.
   Although this discussion is meta to mail, it's the most prime example.

2. Very quickly, your mailserver must make a spot decision on whether the
   connecting IP address is a residential modem or a racked server. This
   information might be important in an administrator's decision, via his
   rules, to accept or reject any message that relay offers.

   (To reiterate: the problem is determination of sender, not an attempt
   to determine if the incoming mail is legitimate. This is beyond that.)

3. Currently, the solution is to consult the PTR, which this draft -- which
   coincidentally is written by the administrator of SORBS -- recommends.

4. For other reasons laid out in this thread, PTR is not the best choice.
   Additionally, administrators of mailservers who have no idea what a PTR
   is -- although their entry fee to the Internet mail system is debatable
   it will not be discussed here -- are now punished by blocklists like
   SORBS and Trend Micro with the simple crime of not knowing to PTR their
   mail server with something that screams "static allocation, not CPE".

   I note, with a heavy hand, that there are no widely-disseminated
   standards governing the reverse DNS of an Internet host other than this
   draft, but administrators make decisions on it anyway.

5. What else does your mailserver use? What could it use? Are there any
   desirable candidates for a standards-track behavior for determining the
   "class" of an IP (i.e., iPhone, home CPE, colo'd server, grid node, and
   so on). Should there be?

My original goal here was educational -- I'd like to hear if anybody has
given this question serious pause aside from putting silly restrictions on
what can go in a PTR, and basing a heavy decision on said PTR. Are there
any applications for such a test, outside of mail?

I've apparently hit a nerve, and I'm sorry for that.

JS
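
The PTR-based spot decision described in points 2 to 4 above, sketched as an added example that is not part of the original message. The keyword lists, verdict labels and sample hosts are assumptions constructed for illustration, not taken from the draft or from any blocklist; the point is how a racked server with a provider-default or missing PTR ends up treated like CPE.

```python
import ipaddress
import re

# Keyword lists are assumptions for illustration, not taken from the draft or any blocklist.
DYNAMIC_HINTS = re.compile(r"(?:^|[.\-_])(?:dyn|dynamic|dhcp|dsl|adsl|cable|pool|ppp|dialup|cpe)\d*(?=[.\-_]|$)")
STATIC_HINTS = re.compile(r"(?:^|[.\-_])(?:static|colo|mail|mx|smtp)\d*(?=[.\-_]|$)")

def embeds_address(name, ip):
    """True if the PTR name spells out the IPv4 address, a sign of auto-generated rDNS."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    decimal_forms = []
    for seq in (octets, octets[::-1]):
        decimal_forms.append("[-._]".join(seq))                  # 203-0-113-45
        decimal_forms.append("".join(o.zfill(3) for o in seq))   # 203000113045
    if any(re.search(r"(?<!\d)" + f + r"(?!\d)", name) for f in decimal_forms):
        return True
    return "".join(f"{int(o):02x}" for o in octets) in name     # cb00712d

def classify(ip, ptr):
    """Return the verdict a PTR-only rule set would reach for a connecting relay."""
    if not ptr:
        return "no-ptr"
    name = ptr.rstrip(".").lower()
    if DYNAMIC_HINTS.search(name):
        return "likely-residential"
    if embeds_address(name, ip):
        return "static-generic" if STATIC_HINTS.search(name) else "likely-residential"
    return "custom-name"

# Constructed samples (documentation address space): (ip, PTR, what the host really is).
SAMPLES = [
    ("203.0.113.45", "dsl-203-0-113-45.isp.example.", "home CPE"),
    ("203.0.113.46", "static-203-0-113-46.isp.example.", "business line"),
    ("192.0.2.10", "mail.corp.example.", "racked server"),
    ("198.51.100.7", "198-51-100-7.hosting.example.", "racked server"),  # provider default PTR
    ("198.51.100.8", None, "racked server"),                             # PTR never configured
]

def wrongly_penalised():
    """Racked servers that a 'reject unless PTR looks static/custom' policy would turn away."""
    return [ip for ip, ptr, actual in SAMPLES
            if actual == "racked server" and classify(ip, ptr) in ("likely-residential", "no-ptr")]

if __name__ == "__main__":
    for ip, ptr, actual in SAMPLES:
        print(f"{ip:<14} {str(ptr):<36} {classify(ip, ptr):<20} actually: {actual}")
    print("wrongly penalised:", wrongly_penalised())
```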