Arrogant RBL list maintainers
Adam Armstrong
lists at memetic.org
Wed Dec 16 11:49:27 UTC 2009
On 16/12/2009 06:12, James Hess wrote:
> On Tue, Dec 15, 2009 at 11:30 PM, Adam Armstrong<lists at memetic.org> wrote:
>
>> personally, i'd recommend not being a dick and setting valid *meaningful*
>> reverse dns for things relaying mail.
>>
> Many sites don't use names that will necessarily be meaningful to an outsider.
> Sometimes the non-meaningful name is the actual hostname and the
> _only_ name that machine is known by, even if the name appears
> "generic" or contains an IP. Host naming is a matter of local
> network policy, and the RFCs that pertain to hostnames specify syntax
> requirements only.
>
> Some sites might want to avoid certain "meaningful" RDNS entries
> since spammers, hackers, and other abusive users that scan IP ranges
> can utilize the RDNS to facilitate their activities. All
> reverse DNS information is in the hands of the enemy.
>
> For example, when spammers' IP scanning efforts find that an IP
> address reverses to "mail.example.com" the spammer will know
> to try @example.com e-mail addresses for their dictionary-based
> brute-force spamming.
>
> On the other hand, if the MTA's IP reverses to something like
> a152.x.example.net.
>
> As is common for many domains.
> Spammers coming in by scanning large ranges of IPs, have no
> pointer to report the mailserver they discovered is @example.com
> inbound (or outbound) mail.
>
The 1970s called and asked for its security policy back :(
I would have thought that asking for the MXes for example.com would have
told them what the inbound mailserver is...
adam.
More information about the NANOG
mailing list