SORBS on autopilot?
jlewis at lewis.org
Tue Jan 12 17:33:19 UTC 2010
On Tue, 12 Jan 2010, Jed Smith wrote:
> At the risk of hijacking the thread, is this draft considered to be of
> importance outside of SORBS' domain at all? When handling a /24 that
> ended up on the DUL -- I feel this thread's pain -- I made the case that
> this draft expired years ago by the book and never got any further. The
> DUL companies like SORBS, Trend Micro, et al. all point to this
> document as justification for their practices, however; wouldn't that be
> considered violating it, given the preamble on page 1?

Sure, it's expired and never made it to RFC status. But are the "DUL"'s
really pointing at it as justification for their policies, or simply
pointing to it as a handy place to find a set of reasonably sensible
suggested practices for DNS naming schemes. If there's another similar
document, I'm not aware of it.

I don't know that following the schemes the draft proposes is required for
keeping IPs off any "DUL", but I sure wish people would at least read it
and consider some of the ideas presented...namely that their DNS naming
scheme should clearly indicate an IP's purpose, at least if they want that
IP to be useful for sending email.

For example, take the following IPs and their PTRs
All of them have recently tried sending mail. How many are mail servers?

As the vast majority of spam now comes from bot-infected end user systems,
it's increasingly important to be able to easily differentiate mail servers
from !mail servers. rDNS is a cheap and easy (or at least it can be if
the provider chooses) way to do it.

Those who choose to ignore the ideas presented in
draft-msullivan-dnsop-generic-naming-schemes-00.txt do so at their own
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
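
An added example, not part of the original post or of the draft it discusses: a receiving-side heuristic that uses rDNS naming to separate likely mail servers from generic end-user addresses, as the message suggests. The keyword lists, function names and sample IP/PTR pairs are assumptions constructed for illustration.

```python
import ipaddress
import re

# Hypothetical keyword lists (assumptions; not taken from the draft or any DUL).
GENERIC_TOKENS = {"dyn", "dynamic", "dhcp", "dsl", "adsl", "cable", "pool",
                  "ppp", "dialup", "cust", "customer"}
MAIL_TOKENS = {"mail", "smtp", "mx", "mta", "relay", "outbound"}


def embeds_ip(ptr, ip):
    """True if the PTR name encodes the IPv4 address it belongs to."""
    octets = ipaddress.IPv4Address(ip).packed
    want = [str(o) for o in octets]
    # Decimal runs in the name, with zero padding stripped (010 -> 10).
    nums = [str(int(n)) for n in re.findall(r"\d+", ptr)]
    for i in range(len(nums) - 3):
        if nums[i:i + 4] in (want, want[::-1]):  # forward or reversed octets
            return True
    return octets.hex() in ptr.lower()  # e.g. ip-cb0071c8.example.net


def classify(ip, ptr):
    """Return 'no-rdns', 'generic', 'mail' or 'unknown' for one IP/PTR pair."""
    if not ptr:
        return "no-rdns"
    words = set(re.findall(r"[a-z]+", ptr.lower()))
    # Generic evidence wins: a name built from the address says nothing
    # about purpose, even if it also contains a mail-looking word.
    if embeds_ip(ptr, ip) or words & GENERIC_TOKENS:
        return "generic"
    if words & MAIL_TOKENS:
        return "mail"
    return "unknown"


# Constructed sample data (documentation address ranges and example domains).
SAMPLES = [
    ("192.0.2.25", "mx1.example.org"),
    ("198.51.100.77", "198-51-100-77.dyn.example.net"),
    ("203.0.113.9", "host9.113.0.203.example.com"),
    ("203.0.113.200", "ip-cb0071c8.example.net"),
    ("192.0.2.80", "www.example.org"),
    ("198.51.100.3", ""),
]

if __name__ == "__main__":
    for ip, ptr in SAMPLES:
        print(f"{ip:15} {ptr or '-':34} {classify(ip, ptr)}")
```

The verdict is a scoring input for a mail filter, not proof of anything: a PTR is set by whoever controls the reverse zone, so it should be weighed alongside forward-confirmed rDNS and other signals.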