comcast ipv6 PTR

Barry Shein bzs at world.std.com
Thu Oct 10 05:09:39 UTC 2013


On October 9, 2013 at 20:18 cma at cmadams.net (Chris Adams) wrote:
 > Once upon a time, Barry Shein <bzs at world.std.com> said:
 > > It's very useful for blocking spammers and other miscreants -- no
 > > reason at all to accept SMTP connections from troublesome
 > > *.rev.domain.net at all, no matter what the preceding NNN-NNN-NNN-NNN
 > > is.
 > 
 > If you are going to block like that, just block anybody without valid
 > reverse DNS.  If you don't trust provider foo.net to police their users,
 > why trust them to put valid and consistent xx-xx-xx-xx.dyn.foo.net
 > reverse?

Because they do, they just do. This isn't a math proof, it's mostly
social engineering. The providers aren't trying to fool anyone, in
general, it's just that clients and websites get botted.

 > I only see a use for reverse DNS for router interfaces (for useful
 > traceroute info) and servers (and only really SMTP servers).  Most of
 > the rest is fluff, often out-of-date, uselessly auto-generated, etc.

It's pretty amazing how much spam comes from hosts with names a lot
like ns1.example.com, their name servers. Not sure why they're so
easily abused but maybe it doesn't occur to them to lock down MTAs on
their name servers.

-- 
        -Barry Shein

The World              | bzs at TheWorld.com           | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD        | Dial-Up: US, PR, Canada
Software Tool & Die    | Public Access Internet     | SINCE 1989     *oo*




More information about the NANOG mailing list