[77122] in North American Network Operators' Group
Re: fixing insecure email infrastructure (was: Re: [eweek article]
daemon@ATHENA.MIT.EDU (Owen DeLong)
Thu Jan 13 14:35:52 2005
Date: Thu, 13 Jan 2005 11:35:23 -0800
From: Owen DeLong <owen@delong.com>
To: Valdis.Kletnieks@vt.edu, Stephane Bortzmeyer <bortzmeyer@nic.fr>
Cc: nanog@merit.edu
In-Reply-To: <200501131521.j0DFLKew032301@turing-police.cc.vt.edu>
Errors-To: owner-nanog-outgoing@merit.edu
--==========448E4E2A4A53EF0182F1==========
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: quoted-printable
Content-Disposition: inline
>> Requesting rDNS means "I don't want to receive email from Africa".
>
> Having an rDNS entry for a host doesn't mean you know if it is/isn't in
> Africa, to any higher degree of certainty than when you just had the IP
> address.
What he was pointing out her is that a majority of African ISPs do not even
have the ability to assign rDNS to their address space. This is an=20
unfortunate
fact which should get somewhat better as a result of ARIN policies 2002-3
and 2003-15. I don't know to what extent those policies have helped yet,
but, at least it is much easier for African ISPs to get direct allocations
now.
In essence, it is virtually impossible for a small-medium business in =
Africa
to set up a mail server and have rDNS entries created for it because their
ISP doesn't control the IN-ADDRs and the imcumbent Telco doesn't want to
do anything they don't absolutely have to for the competitive ISPs.
Owen
--=20
If it wasn't crypto-signed, it probably didn't come from me.
--==========448E4E2A4A53EF0182F1==========
Content-Type: application/pgp-signature
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (Darwin)
iD8DBQFB5s17n5zKWQ/iqj0RAjpDAJwOD8xsT2JWXkZ0jOnqPPM+I09IqQCfTj+z
3byPdGnwgtLyR8GDdTa4fMg=
=fq1d
-----END PGP SIGNATURE-----
--==========448E4E2A4A53EF0182F1==========--
