At 10:36 AM -0800 11/27/03, Hallam-Baker, Phillip wrote:
Many people prefer the LMAP proposals that deal with regular "forward"
DNS than the MTA mark proposal that uses reverse DNS, because a usual
domain owner has control over regular DNS and does not have control over
reverse DNS.
Absolutely, reverse DNS has not been generally considered a critical
infrastructure, nobody uses it today except for debugging.
That is not true. RoadRunner has been using it to decide whether a
connecting machine on port 25 is worthy of sending them mail, based
(apparently) on whether the name resolved to matches
.*(dsl|dial|dyn).*
The zones are perfectly stable, the problem is that the information in those
zones is not maintained by the IP block holders to a sufficiently high
quality.
The other practical problem is that there are machines with several hundred
thousand email domains parked on one machine.
That's why DNS resolvers should always fall back to TCP when they get
a truncated response. Using rDNS for anything significant without
being prepared for a very large response is careless and stupid, but
it is dominant practice and people ARE using rDNS in serious ways now
without thinking about what they are doing with any sort of technical
depth.
Beyond that, there is a very poor coherency to how IP space holders
view the 'correct' population of in-addr.arpa zones. Many treat rDNS
as being essentially for their own administrative use, and put in
names relating to the way an address is routed or connected, and do
not even offer their customers who use the IP addresses any obvious
way to have the rDNS changed to match the functional identities of
addresses. There is honest disagreement over whether and how forward
and reverse DNS should always be made 'consistent' and that
disagreement is only made worse by the fact that the RFCs which
touch on the issue can best be described as quaint historical
documents.
--
Bill Cole
bill(_at_)scconsult(_dot_)com
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
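
The TCP fallback on a truncated response that the message above calls for, as an added example that is not part of the original post. The function names, the caller-supplied resolver address and the 3-second timeout are assumptions made for illustration.

```python
import secrets
import socket
import struct

PTR, TC_BIT = 12, 0x0200  # QTYPE for PTR; TC flag in the header flags word

def ptr_qname(ipv4):
    """Map 192.0.2.25 to 25.2.0.192.in-addr.arpa."""
    return ".".join(reversed(ipv4.split("."))) + ".in-addr.arpa"

def build_query(name, qtype=PTR, txid=None):
    """DNS query: 12-byte header (RD set, one question) plus the question."""
    txid = secrets.randbits(16) if txid is None else txid
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    labels = b"".join(bytes([len(l)]) + l.encode("ascii") for l in name.split("."))
    return header + labels + b"\x00" + struct.pack("!HH", qtype, 1)

def is_truncated(response):
    """True when the server set TC, i.e. the answer did not fit in UDP."""
    if len(response) < 12:
        raise ValueError("short DNS message")
    return bool(struct.unpack("!H", response[2:4])[0] & TC_BIT)

def _recv_exact(sock, n):
    """Read exactly n bytes from a TCP socket."""
    buf = b""
    while len(buf) < n:
        chunk = sock.recv(n - len(buf))
        if not chunk:
            raise ConnectionError("TCP connection closed mid-message")
        buf += chunk
    return buf

def query_with_fallback(name, server, qtype=PTR, timeout=3.0):
    """Ask over UDP; on TC, repeat over TCP. Returns (raw_response, transport)."""
    query = build_query(name, qtype)
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as udp:
        udp.settimeout(timeout)
        udp.sendto(query, (server, 53))
        response, _ = udp.recvfrom(4096)
    if response[:2] != query[:2]:
        raise ValueError("transaction ID mismatch")
    if not is_truncated(response):
        return response, "udp"
    # DNS over TCP prefixes each message with a 2-byte length (RFC 1035, 4.2.2).
    with socket.create_connection((server, 53), timeout=timeout) as tcp:
        tcp.sendall(struct.pack("!H", len(query)) + query)
        length = struct.unpack("!H", _recv_exact(tcp, 2))[0]
        return _recv_exact(tcp, length), "tcp"
```

A caller that treats the UDP answer as complete without checking `is_truncated` sees only part of the record set for an address with many PTR records, which is the careless case the message describes.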