SORBS on autopilot?

Ken Chase math at sizone.org
Mon Jan 11 16:24:42 UTC 2010


On Mon, Jan 11, 2010 at 10:01:11AM -0600, Larry Smith's said:
 >host 67.196.137.1
  >1.137.196.67.in-addr.arpa domain name pointer 
  >H1.C137.B196.A67.tor.colo.heavycomputing.ca.

Yeah I didnt make the .colo. up, it's in their proposed-RFC document in section 6.3.
They even go so far as to use the word MUST w.r.t. 'colo' in YELLCAPS:

http://tools.ietf.org/id/draft-msullivan-dnsop-generic-naming-schemes-00.txt

  >host 67.196.137.163
  >163.137.196.67.in-addr.arpa domain name pointer sizone.org.

This one was manually delisted a while ago. I have other hosts in there that have
proper custom-reverses such as .188 (which is the customer of mine which wants
off, but we cant get off.) He's had his custom name in there for months. Doenst
seem to help.

  >Have you tried all 3 of the routes listed at 
  >http://www.au.sorbs.net/faq/dul.shtml ?

Yes.

  >Something they don't tell you on the web page is that they ignore TTL and 
  >cache your DNS for a relatively long time.  If you tried for automated 
  >removal and your rDNS wasn't SORBS-compliant, automated removal isn't 
  >going to work for some number of days (I forget how many) even after you 
  >have made your rDNS SORBS-compliant.

It's been 5 days since I changed from a generic naming scheme (which was the above
minus the word colo) to adding in the 'colo'. Maybe the .tor. extra subdomain
is hurting somehow - the feedback loop between executing and testing results is
painfully long, and hard to tie down cause and effect.

I see our listing is also dated as an Aug 29th test, Im not sure how to get them
to re-test the block despite the 're-test' guidelines on their pages.

  >67.196.137.165  H165.C137.B196.A67.tor.colo.heavycomputing.ca.
  >67.196.137.166  H166.C137.B196.A67.tor.colo.heavycomputing.ca.
  >
  >With rDNS like that...good luck.  Go read
  >
  >http://tools.ietf.org/id/draft-msullivan-dnsop-generic-naming-schemes-00.txt

Exactly. Section 6.3, though with the .tor., perhaps Im not allowed to
indicate with a STATIC NAME where the colocation is, and perhaps I have to
remove the H/C/B/A as well. Guess ill try and just wait another 4-8 days before
guessing that's not working.

  >change your rDNS, wait a few days, and maybe you'll have a chance.

Have, maybe not enough days though. Hard to tell, which is my whole complaint.
But getting this working would also help spammers, I suppose is their refrain.

Ill try to be extremely literal about the non-RFC and see where that gets me.
Thanks.

/kc
-- 
Ken Chase - ken at heavycomputing.ca - +1 416 897 6284 - Toronto CANADA
Heavy Computing - Clued bandwidth, colocation and managed linux VPS @151 Front St. W.




More information about the NANOG mailing list