best practices for PTR naming and whois (was, sadly, Re: Arrogant RBL list maintainers)

Steven Champeon schampeo at hesketh.com
Thu Dec 10 09:54:12 CST 2009


on Thu, Dec 10, 2009 at 09:29:15AM -0600, Sam Hayes Merritt, III wrote:
>
>> Creating a standard on what to put in WHOIS/DNS for 
>> dynamic/static/infrastructure would make a lot of sense, seems nobody is 
>> doing it though.
>
> As previously noted in this thread, msullivan at sorbs did a fairly good job 
> of documenting this in an RFC draft. I'd say it's still the primary go-to to 
> point people at for how to do things the "right way".
>
> http://tools.ietf.org/html/draft-msullivan-dnsop-generic-naming-schemes-00

There's also Dan Senie and Andrew Sullivan's draft:

http://tools.ietf.org/html/draft-ietf-dnsop-reverse-mapping-considerations-06

...which basically boils down to "if you're not using rDNS to project
a clear picture of the intended uses of a given IP, you're screwed".
Or maybe that's just my read. 

I've written up my thoughts on naming and why it matters in a series of
posts on my Web site; this is the cumulative wisdom acquired after six
years or more of collecting and attempting to classify naming
conventions worldwide. We're at close to 47K patterns for over 18K
domains worldwide, so I think it's safe to say I've seen my share of
this stuff and can draw general observations.

In a nutshell, if you're not clearly indicating mail sources as mail
sources, don't expect great deliverability. If you're running a Web
hosting shop and don't have rate-limited outbound smarthosts, expect all
your clients' mail to be suspected of being phishing scams. If you run a
corporate network that allows unsecured outbound port 25 via NAT, you
lose. If you run a university network (or part of one) without clearly
distinguishing between server infrastructure and student-use end nodes,
you really might want to rethink that. And if you're a consumer ISP that
allows both static and dynamic assignments or serves both residential
and commercial under the same useless generic naming convention, you are
Making It Harder for the rest of us, which is an automatic upgrade path
to reflexive blocking of all traffic. Oh, and if it's out of your control
or what you consider your responsibility, SWIP it and label it clearly
so we can figure out what it is and decide whether we want it as part
of our view of the Internet. Keep your whois up to date and indicate
if nothing else whether a given block is static or dynamically assigned,
residential or corporate. 

Full archive here:

 http://enemieslist.com/news/archives/gripes/

Of particular interest, perhaps:

 http://enemieslist.com/news/archives/2009/06/principles.html
 http://enemieslist.com/news/archives/2009/06/basic_principle.html
 http://enemieslist.com/news/archives/2009/06/basic_principle_1.html
 http://enemieslist.com/news/archives/2009/06/basic_principle_2.html
 http://enemieslist.com/news/archives/2009/06/a_few_thoughts_1.html
 http://enemieslist.com/news/archives/2009/07/why_we_suspect.html
 http://enemieslist.com/news/archives/2009/07/a_passionate_cr.html
 
but the whole archive is full of examples of DNS stupidity, for your
enjoyment, and as an expression of years of pent-up frustration. ;)

Cheers,
Steve

-- 
hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2553 w: http://hesketh.com/
antispam news and intelligence to help you stop spam: http://enemieslist.com/
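
An added example, not part of the original message and not the author's pattern set: a small receiver-side classifier showing how a PTR name can state (or fail to state) whether an address is a mail source, static, or dynamic. The token lists, verdict labels, and sample names are assumptions constructed for illustration.

```python
import re

# Token lists are illustrative assumptions, not the author's pattern set.
DYNAMIC = {"dyn", "dynamic", "dhcp", "pool", "ppp", "dialup"}
STATIC = {"static", "fixed"}
MAIL = {"mail", "smtp", "mx", "mta", "relay", "outbound"}

def embeds_ip(ip, ptr):
    """True when the name is built from the address itself (generic naming)."""
    octets = ip.split(".")
    host = ptr.lower().rstrip(".")
    nums = [str(int(n)) for n in re.findall(r"\d+", host)]
    for order in (octets, octets[::-1]):  # forward or in-addr.arpa order
        if any(nums[i:i + 4] == order for i in range(len(nums) - 3)):
            return True
    packed = "".join(o.zfill(3) for o in octets)       # 192000002025 style
    hexed = "".join(f"{int(o):02x}" for o in octets)   # c0000219 style
    return packed in host or hexed in host

def classify(ip, ptr):
    """Return (generic, assignment, role, verdict) for one address/PTR pair."""
    if not ptr:
        return (False, "unknown", "unknown", "no-rdns")
    words = set(re.findall(r"[a-z]+", ptr.lower()))
    generic = embeds_ip(ip, ptr)
    assignment = ("dynamic" if words & DYNAMIC
                  else "static" if words & STATIC else "unknown")
    role = "mail" if words & MAIL else "unknown"
    if role == "mail":
        verdict = "labelled-mail-source"
    elif assignment != "unknown":
        verdict = "labelled-" + assignment
    elif generic:
        verdict = "ambiguous-generic"  # the name does not say static or dynamic
    else:
        verdict = "unlabelled"
    return (generic, assignment, role, verdict)

# Constructed samples: documentation address ranges and example domains only.
SAMPLES = [
    ("192.0.2.25", "mail1.example.com"),
    ("198.51.100.77", "dhcp-198-51-100-77.pool.example.net"),
    ("203.0.113.9", "9.113.0.203.static.example.net"),
    ("203.0.113.40", "host-203-0-113-40.example.net"),
    ("192.0.2.80", "www.example.org"),
    ("192.0.2.99", None),
]

if __name__ == "__main__":
    for ip, ptr in SAMPLES:
        print(ip, ptr, classify(ip, ptr))
```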



