SORBS on autopilot?

Jon Lewis jlewis at lewis.org
Tue Jan 12 11:33:19 CST 2010


On Tue, 12 Jan 2010, Jed Smith wrote:

>> http://tools.ietf.org/id/draft-msullivan-dnsop-generic-naming-schemes-00.txt
>
> At the risk of hijacking the thread, is this draft considered to be of 
> importance outside of SORBS' domain at all?  When handling a /24 that 
> ended up on the DUL -- I feel this thread's pain -- I made the case that 
> this draft expired years ago by the book and never got any further. The 
> DUL companies like SORBS, Trend Micro, et. al. all point to this 
> document as justification for their practices, however; wouldn't that be 
> considered violating it, given the preamble on page 1?

Sure, it's expired and never made it to RFC status.  But are the "DUL"'s 
really pointing at it as justification for their policies, or simply 
pointing to it as a handy place to find a set of reasonably sensible 
suggested practices for DNS naming schemes.  If there's another similar 
document, I'm not aware of it.

I don't know that following the schemes the draft proposes is required for 
keeping IPs off any "DUL", but I sure wish people would at least read it 
and consider some of the ideas presented...namely that their DNS naming 
scheme should clearly indicate an IP's purpose, at least if they want that 
IP to be useful for sending email.

For example, take the following IPs and their PTRs

70.42.226.181   sm-70-42-226-181.quepasa.com
78.228.245.8    mad26-1-78-228-245-8.fbx.proxad.net
83.185.129.102  m83-185-129-102.cust.tele2.se
118.137.228.242 fm-ip-118.137.228.242.fast.net.id
189.84.86.106   189-84-86-106.marinter.com.br

All of them have recently tried sending mail.  How many are mail servers? 
As the vast majority of spam now comes from bot-infected end user systems, 
it's increasinly important to be able to easily differentiate mail servers 
from !mail servers.  rDNS is a cheap and easy (or at least it can be if 
the provider chooses) way to do it.

Those who choose to ignore the ideas presented in 
draft-msullivan-dnsop-generic-naming-schemes-00.txt do so at their own 
peril.

----------------------------------------------------------------------
  Jon Lewis                   |  I route
  Senior Network Engineer     |  therefore you are
  Atlantic Net                |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________




More information about the NANOG mailing list