ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Asrg] RMX & DNS: double advantage

2003-03-07 11:32:05
from [Hadmut Danisch] [Permanent Link] 
On Fri, Mar 07, 2003 at 10:36:43AM -0600, wayne wrote:


It should be pointed out that DNSBLs, including domain specific
DNSBLs, use the *absence* of an A record as an indication that IP
address is ok.  Negative DNS responses are generally not cached
anywhere near as log as positive results.  I do not know if this was a
design decision on the part of DNSBLs, or just a result of it being
easier to create that way.



Both presence and absence of a record can be spoofed. Presence
is spoofed by the fake record itself, absence by a bogus CNAME.

regards
Hadmut
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] filtering at connect time, Vernon Schryver
Next by Date:  Re: [Asrg] Spam detection system proposal, Alan DeKok
Previous by Thread:  Re: [Asrg] RMX & DNS: double advantage, wayne
Next by Thread:  [Asrg] Stamps, David Jameson
Indexes:  [Date] [Thread] [Top] [All Lists]