comcast ipv6 PTR

• Previous message (by thread): comcast ipv6 PTR
• Next message (by thread): comcast ipv6 PTR
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On October 15, 2013 at 02:28 Lee at asgard.org (Lee Howard) wrote:
 > 
 > 
 > On 10/10/13 1:09 AM, "Barry Shein" <bzs at world.std.com> wrote:
 > 
 > >
 > >On October 9, 2013 at 20:18 cma at cmadams.net (Chris Adams) wrote:
 > > > Once upon a time, Barry Shein <bzs at world.std.com> said:
 > > > > It's very useful for blocking spammers and other miscreants -- no
 > > > > reason at all to accept SMTP connections from troublesome
 > > > > *.rev.domain.net at all, no matter what the preceding NNN-NNN-NNN-NNN
 > > > > is.
 > > > 
 > > > If you are going to block like that, just block anybody without valid
 > > > reverse DNS.  If you don't trust provider foo.net to police their
 > >users,
 > > > why trust them to put valid and consistent xx-xx-xx-xx.dyn.foo.net
 > > > reverse?
 > >
 > >Because they do, they just do. This isn't a math proof, it's mostly
 > >social engineering. The providers aren't trying to fool anyone, in
 > >general, it's just that clients and websites get botted.
 > 
 > Except the point of this thread is that they don't.

I think the point of this thread was they don't for IPv6 and whether
they should or not (BCP)?

I was pointing out that reverse IP names, particularly where they
follow a simple pattern, can be useful in spam blocking.

That may or may not be an attractive reason to a site, but I didn't
particularly claim it to be. It's just an observation.

 > Is it easier to block inbound mail from hosts with certain high-level
 > domain
 > names in their PTRs than to block ranges of IP(v6) addresses?  Easier for
 > whom?

Of course it's easier, how do I as the SMTP client know how some site
manages their IPv6 blocks?

But it's a pretty good guess that if I'm getting 100 msgs/second from
various hosts with reverse ip names matching
ip-192-168.1.*.rev.example.com I can probably block that.

Most likely their SMTP server won't have a name like that.

As I said (and no doubt someone will jump on) none of this is an exact
science, blocking spam is not an exact science, none of the tools have
mathematical, infallible accuracy.

You do what you can.

For whom? I'm not sure what you're asking, the SMTP client side.

-- 
        -Barry Shein

The World              | bzs at TheWorld.com           | http://www.TheWorld.com
Purveyors to the Trade | Voice: 800-THE-WRLD        | Dial-Up: US, PR, Canada
Software Tool & Die    | Public Access Internet     | SINCE 1989     *oo*

• Previous message (by thread): comcast ipv6 PTR
• Next message (by thread): comcast ipv6 PTR
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]