marking dynamic ranges, was fixing insecure email infrastructure

Markus Stumpf maex-lists-nanog at Space.Net
Tue Jan 25 17:58:16 UTC 2005

On Tue, Jan 25, 2005 at 12:22:33PM -0500, Valdis.Kletnieks at wrote:
> Which would mean that if Suresh insisted on revDNS, he'd end up blocking
> only 2 hosts, but 40% of his legitimate mail would be dropped on the floor.

Correct. But neither MTAMARK nor I suggest blocking based on non
existant revDNS. The idea of MTAMARK is to add information to revDNS to
give the sending host either a better reputation or signal "do not accept
mail from that host". For the deployment of such information it makes a
difference if 40% of the hosts don't have revDNS or only 4%. With 4%
it may be worth the trouble convincing some admins and adding some local
whitelisting rules, with 40% you probably don't need to try starting at

> I'd *hope* that knowingly dropping 40% of the *legitimate* mail on the floor
> would be considered a CLM.   But these days some providers seem to think
> "all of Europe" is a reasonable filter.....

Isn't this free market economy? They want to isolate themselves, it's
their decision. And IMHO "all of Europe" is more fair than "all of Europe
but not the five biggest ISPs".


SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"

More information about the NANOG mailing list