[178223] in North American Network Operators' Group
What would you do about questionable domain pointing A record to your
daemon@ATHENA.MIT.EDU (Anne P. Mitchell, Esq.)
Fri Feb 20 12:08:13 2015
X-Original-To: nanog@nanog.org
From: "Anne P. Mitchell, Esq." <amitchell@isipp.com>
Date: Fri, 20 Feb 2015 10:08:02 -0700
To: nanog@nanog.org
Errors-To: nanog-bounces@nanog.org
All,
We have a rather strange situation (well, strange to me, at least).
We have an email reputation accreditation applicant, who otherwise looks =
clean, however there is a very strange and somewhat concerning domain =
being pointed to one of the applicant's IP addresses Let's call the =
domain example.com, and the IP address 127.0.0.1, for these purposes.
Applicant is assigned 127.0.0.1. the rDNS correctly goes to their own =
domain.
However, example.com (which in reality is a concerning domain name) =
claims 127.0.0.1 as their A record.=20
Of course, example.com is registered privately, and their DNS provider =
is one who is...umm... "known to provide dns for domains seen in spam."
As I see it, the applicant's options are:
a) just not worry about it and keep an eye on it
b) publish a really tight spf record on it, so if they are somehow =
compromised, email appearing to come from example.com and 127.0.0.1 =
should be denied
c) not use the IP address at all (it's part of a substantially larger =
block)
d) two or more of the above.
Thoughts? What would you do?
Thanks!
Anne
Anne P. Mitchell, Esq.
CEO/President
ISIPP SuretyMail Email Reputation, Accreditation & Certification
Your mail system + SuretyMail accreditation =3D delivered to their =
inbox!
http://www.SuretyMail.com/
http://www.SuretyMail.eu/
Author: Section 6 of the Federal CAN-SPAM Act of 2003
Member, California Bar Cyberspace Law Committee
Ret. Professor of Law, Lincoln Law School of San Jose
303-731-2121 | amitchell@isipp.com | @AnnePMitchell | =
Facebook/AnnePMitchell=20
