relays.osirusoft.com
jlewis at lewis.org
Wed Aug 27 11:53:49 UTC 2003
On 27 Aug 2003, Paul Vixie wrote:

> ...because running blackhole lists is surprisingly more hard
> than most people think. (witness the sorbs.net message here
> a few hours ago complaining of 50Kpkt/day query loads.) i've

Matt wasn't complaining about query loads. And 50Kpkt/day in queries is
nothing anyway. He was complaining about being DDoS'd by spammers or
others who just don't like dnsbls. AFAIK, SORBS, SPEWS, and Osirusoft
have all been the targets of DDoS's for a few weeks.

> this part, on the other hand...
>
> > he's put
> > *.*.*.* in, he's asking people not to use it anymore.
>
> ...mystifies me. anyone who has read rfc1034 or rfc1035, even
> if they did not also read rfc2181 or rfc2136 or rfc2308, knows
> that in a zone containing the following wildcardish data:
>
> $ORIGIN example.vix.com.
> * 1H IN A 127.0.0.1
> *.* 1H IN A 127.0.0.2

This was just a misunderstanding on the part of the previous poster.
Unless he has a copy of the zone (not likely given the unreliability of
Joe's DNS servers lately), he wouldn't be able to see this. I think he
just wasn't familiar with how wildcards worked and assumed each * only
matched one [^.]*, which is incorrect. AFAICT, what he did add was:

    *    24H A   127.0.0.2
         24H TXT "Please stop using relays.osirusoft.com"

which is much worse than just emptying the zone, removing it from the
NS's, or shutting down the DNS servers.

> when i deprecated the old $foo.maps.vix.com zones in favour of their
> corresponding replacements $bar.mail-abuse.org some years ago, i had the
> foresight to ensure that no mail would be blocked by people who failed to
> put in the configuration change. now you can all see why that was nec'y.

Mail would only have been blocked if you had done something crazy like the
above.

Mail was delayed (and servers put under heavy load waiting for DNS queries
to time out) when MAPS finally shut off free access without warning (a
week or more after they originally had warned they'd do it, but gave
everyone an extension when there was massive public outcry and they were
unable to keep up with inquiries about buying access).

----------------------------------------------------------------------
Jon Lewis *jlewis at lewis.org*| I route
System Administrator | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
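
An added example, not part of the original message and not any DNSBL operator's code: a simplified Python model of RFC 1034 wildcard synthesis, showing why the single `*` record quoted above answers every reversed-octet DNSBL query, together with a probe a mail server could run to notice such a zone. The zone dictionary, the function names and the probe addresses (RFC 5737 documentation ranges) are assumptions made for illustration.

```python
import ipaddress

ORIGIN = "relays.osirusoft.com"
# Constructed zone contents, modelled on the two records quoted in the message.
# Keys are owner names relative to ORIGIN.
ZONE = {"*": {"A": ["127.0.0.2"],
              "TXT": ["Please stop using relays.osirusoft.com"]}}

def resolve(qname, rtype, zone=ZONE, origin=ORIGIN):
    """Simplified RFC 1034 lookup: exact match, else wildcard at the closest encloser."""
    qname = qname.rstrip(".").lower()
    if qname != origin and not qname.endswith("." + origin):
        return []                                   # name is outside this zone
    rel = qname[:-len(origin)].rstrip(".")
    labels = rel.split(".") if rel else []
    # Every owner name, and each ancestor of it, exists in the zone tree.
    existing = {""}
    for owner in zone:
        parts = owner.split(".")
        for i in range(len(parts)):
            existing.add(".".join(parts[i:]))
    if rel in existing:                             # exact name: no synthesis
        return zone.get(rel, {}).get(rtype, [])
    # Walk up to the closest existing ancestor, then try "*" directly below it.
    for i in range(1, len(labels) + 1):
        encloser = ".".join(labels[i:])
        if encloser in existing:
            wild = "*." + encloser if encloser else "*"
            return zone.get(wild, {}).get(rtype, [])
    return []

def dnsbl_name(ip, origin=ORIGIN):
    """Build the reversed-octet name a mail server queries for an IPv4 address."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    return ".".join(reversed(octets)) + "." + origin

def is_listed(ip, zone=ZONE):
    """A DNSBL client treats any A answer as 'listed'."""
    return bool(resolve(dnsbl_name(ip), "A", zone=zone))

def lists_everything(zone=ZONE, probes=("192.0.2.1", "198.51.100.7", "203.0.113.200")):
    """Health check: unrelated documentation addresses all 'listed' means a wildcard is answering."""
    return all(is_listed(p, zone=zone) for p in probes)

if __name__ == "__main__":
    print(dnsbl_name("192.0.2.1"), resolve(dnsbl_name("192.0.2.1"), "A"))
    print("zone lists everything:", lists_everything())
```

A mail server that runs a probe like `lists_everything()` before trusting a list can stop consulting it instead of rejecting all inbound mail.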