Arrogant RBL list maintainers

Mike Lieman mikelieman at gmail.com
Wed Dec 16 06:06:55 CST 2009


Wouldn't SPF ( RFC 4408) tell people more about where the real mailservers
are than some half-baked idea of trying to enforce what hostnames should
look like?

What's the word for 'mail server' in Lower Sorbian, and does your algorithm
properly detect it in a hostname?  See the problem here?

On Wed, Dec 16, 2009 at 6:49 AM, Adam Armstrong <lists at memetic.org> wrote:

> On 16/12/2009 06:12, James Hess wrote:
>
>> On Tue, Dec 15, 2009 at 11:30 PM, Adam Armstrong<lists at memetic.org>
>>  wrote:
>>
>>
>>> personally, i'd recommend not being a dick and setting valid *meaningful*
>>> reverse dns for things relaying mail.
>>>
>>>
>> Many sites don't use names that will necessarily be meaningful to an
>> outsider.
>> Sometimes the non-meaningful name is the actual hostname and the
>> _only_ name that machine is known by,  even if the name appears
>> "generic" or contains an IP.   Host naming is a matter of local
>> network policy, and the RFCs that pertain to hostnames specify syntax
>> requirements only.
>>
>> Some sites might want to avoid  certain "meaningful"   RDNS entries
>> since  spammers, hackers, and other abusive users that scan IP ranges
>> can utilize the  RDNS to facilitate their activities.      All
>> reverse DNS information is in the hands of the enemy.
>>
>> For example, when spammers'  IP scanning efforts  find that an IP
>> address  reverses to   "mail.example.com"   the spammer will  know
>> to try   @example.com    e-mail addresses for  their dictionary-based
>> brute-force spamming.
>>
>> On the other hand,  if the MTA's  IP reverses  to   something like
>> a152.x.example.net.
>>
>> As is common for many domains.
>> Spammers coming in  by  scanning  large ranges of IPs,  have no
>> pointer to report  the  mailserver they discovered  is  @example.com
>>  inbound  (or outbound) mail.
>>
>>
>
> The 1970s called and asked for its security policy back :(
>
> I would have thought that asking for the MXes for example.com would have
> told them what the inbound mailserver is...
>
> adam.
>
>
>
>



More information about the NANOG mailing list