Arrogant RBL list maintainers

Adam Armstrong lists at memetic.org
Wed Dec 16 05:49:27 CST 2009


On 16/12/2009 06:12, James Hess wrote:
> On Tue, Dec 15, 2009 at 11:30 PM, Adam Armstrong <lists at memetic.org> wrote:
>
>> personally, i'd recommend not being a dick and setting valid *meaningful*
>> reverse dns for things relaying mail.
>>
> Many sites don't use names that will necessarily be meaningful to an outsider.
> Sometimes the non-meaningful name is the actual hostname and the
> _only_ name that machine is known by, even if the name appears
> "generic" or contains an IP. Host naming is a matter of local
> network policy, and the RFCs that pertain to hostnames specify syntax
> requirements only.
>
> Some sites might want to avoid certain "meaningful" RDNS entries
> since spammers, hackers, and other abusive users that scan IP ranges
> can utilize the RDNS to facilitate their activities. All
> reverse DNS information is in the hands of the enemy.
>
> For example, when spammers' IP scanning efforts find that an IP
> address reverses to "mail.example.com" the spammer will know
> to try @example.com e-mail addresses for their dictionary-based
> brute-force spamming.
>
> On the other hand, if the MTA's IP reverses to something like
> a152.x.example.net, as is common for many domains,
> spammers coming in by scanning large ranges of IPs have no
> pointer to report the mailserver they discovered is @example.com
> inbound (or outbound) mail.
>

The 1970s called and asked for its security policy back :(

I would have thought that asking for the MXes for example.com would have 
told them what the inbound mailserver is...

adam.






More information about the NANOG mailing list