[121939] in North American Network Operators' Group


Threading the senderbase reputation needle

daemon@ATHENA.MIT.EDU (Drew Weaver)
Tue Feb 2 09:38:21 2010

From: Drew Weaver <drew.weaver@thenap.com>
To: "'nanog@nanog.org'" <nanog@nanog.org>
Date: Tue, 2 Feb 2010 09:37:44 -0500
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org

Howdy,

Has anyone come up with a reverse DNS 'pattern' that one can employ that will prevent Senderbase from assigning a poor reputation to an entire /24 because they saw an email they didn't like from a single IP address?

We're an infrastructure provider, which means that we lease servers, etc to customers and everything we do uses static IPs.

Our current 'default (before the customer changes it)' is a x.x.x.x.static.domain.com, apparently Senderbase cannot look up CIDR boundaries in the RIR database (even though we spend a lot of time making sure that we publish the CIDR information) so they just assume that each 'offender' owns the entire /24 and they also consider any 'email' from the static.domain.com domain to be the 'same offender' (which is completely silly).

The other little annoyance about their system is that we assign CIDR blocks to users (almost always a /29) these CIDRs include IP addresses like the gateway address, the broadcast address, the network address, etc and the users may only use 2-3 of the IPs in the /29, but they expect us or the user to set a 'custom looking' reverse DNS on all of the IPs in the range. Originally, we were not putting any reverse DNS on our IPs until the customer requested it (or did it themselves via our system) but then we ran into problems with some RBLs that require reverse DNS on all IPs, and other RBLs that require matching forward and reverse DNS on all IPs.

I've contacted Senderbase for advice on what specifically we need to do but they've been vague at best and I have even asked them for examples of companies who 'meet their specifications' but I wasn't given any.

I'm considering doing something like customerXXXXX.static.domain.com but then I can see other problems with that also.

Any advice?

-Drew
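
Added example, not part of the original post: a sketch of what "matching forward and reverse DNS on all IPs" means for one customer /29, generating a PTR and a matching A record for every address (network, gateway and broadcast included) and listing the addresses that fail the check. The per-IP label under customerXXXXX, the customer id 12345 and the 192.0.2.8/29 block are assumptions made for illustration; nothing here is a format Senderbase or any RBL is known to specify.

```python
import ipaddress

BASE = "static.domain.com"  # placeholder zone name as used in the post


def build_records(cidr, customer_id, base=BASE):
    """Return (ptr, fwd) maps covering EVERY address in the block.

    The per-IP label under customer<ID> is an assumed scheme, not one the
    post or any reputation service specifies.
    """
    ptr, fwd = {}, {}
    for ip in ipaddress.ip_network(cidr):  # includes network and broadcast
        host = f"{str(ip).replace('.', '-')}.customer{customer_id}.{base}."
        ptr[ip.reverse_pointer + "."] = host
        fwd[host] = str(ip)
    return ptr, fwd


def fcrdns_gaps(cidr, ptr, fwd):
    """List addresses with no PTR, or whose PTR target lacks a matching A."""
    gaps = []
    for ip in ipaddress.ip_network(cidr):
        host = ptr.get(ip.reverse_pointer + ".")
        if host is None:
            gaps.append((str(ip), "no PTR"))
        elif fwd.get(host) != str(ip):
            gaps.append((str(ip), "PTR/A mismatch"))
    return gaps


def zone_lines(ptr, fwd):
    """Render both maps as zone-file style lines for review."""
    out = [f"{name} IN PTR {host}" for name, host in ptr.items()]
    out += [f"{host} IN A {addr}" for host, addr in fwd.items()]
    return out


if __name__ == "__main__":
    block = "192.0.2.8/29"  # constructed sample (documentation range)
    ptr, fwd = build_records(block, "12345")
    print("\n".join(zone_lines(ptr, fwd)))
    # Simulate "rDNS only on the IPs the customer uses": .10 and .11
    used = {k: v for k, v in ptr.items()
            if v.startswith(("192-0-2-10.", "192-0-2-11."))}
    for addr, why in fcrdns_gaps(block, used, fwd):
        print(f"{addr}: {why}")
```

With reverse DNS set only on the two addresses the customer uses, the check reports the other six addresses of the /29 as having no PTR, which is the case the post says some RBLs object to.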


