[94300] in North American Network Operators' Group
Re: what happens when you put a typo in a DNSBL server?
daemon@ATHENA.MIT.EDU (Steve Atkins)
Wed Jan 17 11:35:37 2007
In-Reply-To: <sdps9fkjyk.fsf@wes.hardakers.net>
From: Steve Atkins <steve@blighty.com>
Date: Wed, 17 Jan 2007 08:33:20 -0800
To: nanog list <nanog@merit.edu>
Errors-To: owner-nanog@merit.edu
On Jan 16, 2007, at 8:36 AM, Wes Hardaker wrote:
>
>
> A number of ISPs use njabl.org as a DNS BL server. However, starting
> jan 2 a new domain exists "njalb.org" which is serving A records for
> anything queried against it's DNS server. (note the difference: njaBL
> vs njaLB). Previous to this date a misconfigured ISP was just not
> being protected by the BL. Now, it's potentially dropping all mail
> from anyone because of the typo.
>
If you screw up your mail configuration, you'll lose email.
I'm more concerned about the deluge of DNS queries caused
by people who randomly punch strings into their mailfilters
and cause quite a lot of traffic to third party DNS servers.
When I see people doing that to my DNS servers, I add
a wildcard record in the hope that they'll notice. The worst case is
when they're hitting the (non-existent) blacklist just to get
a value to feed into something like spamassassin that will
proceed to deliver the mail anyway.
There are de-facto standards that will prevent all this
happening, but the writers of spam filters are (as far
as I know, without exception) too stupid or too lazy
to take advantage of this.
Cheers,
Steve
