Arrogant RBL list maintainers
James Hess
mysidia at gmail.com
Wed Dec 16 06:12:22 UTC 2009
On Tue, Dec 15, 2009 at 11:30 PM, Adam Armstrong <lists at memetic.org> wrote:
> personally, i'd recommend not being a dick and setting valid *meaningful*
> reverse dns for things relaying mail.
Many sites don't use names that will necessarily be meaningful to an outsider.
Sometimes the non-meaningful name is the actual hostname and the
_only_ name that machine is known by, even if the name appears
"generic" or contains an IP. Host naming is a matter of local
network policy, and the RFCs that pertain to hostnames specify syntax
requirements only.
Some sites might want to avoid certain "meaningful" RDNS entries
since spammers, hackers, and other abusive users that scan IP ranges
can utilize the RDNS to facilitate their activities. All
reverse DNS information is in the hands of the enemy.
For example, when spammers' IP scanning efforts find that an IP
address reverses to "mail.example.com" the spammer will know
to try @example.com e-mail addresses for their dictionary-based
brute-force spamming.
On the other hand, if the MTA's IP reverses to something like
a152.x.example.net.
As is common for many domains.
Spammers coming in by scanning large ranges of IPs, have no
pointer to report the mailserver they discovered is @example.com
inbound (or outbound) mail.
Since the RDNS domain is different, and in fact generic, which helps
avoid assisting the spammer in identifying the IP as an inbound
mail server.
--
-J
More information about the NANOG
mailing list