ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Asrg] a plea for more hierarchy in DNS

2004-10-18 16:17:44
from [Markus Stumpf] [Permanent Link] 
We plan to widely implement greylisting.
For that we want to establish a whitelist of "wellknown" mailservers
to reduce the inpact and spare some useless rejections and time delays.

To build an initial list and to not be *that* dependant on IP addresses
we took some logfiles worth of some million connections and eliminated
all the obvious
    dyn-83-157-187-223.ppp.tiscali.fr [83.157.187.223]
    200-140-011-028.bsace705.dsl.brasiltelecom.net.br [200.140.11.28]
    dsl-201-129-15-54.prod-infinitum.com.mx [201.129.15.54]
    [ ... ]
stuff.

However we noticed that even mailserver farms are named as braindamaged
and hierarchy breaking as the example above. Why does it have to be
    mail-[0-9][0-9].iinet.net.au
instead of
    host[0-9][09-].mail.iinet.net.au

Or
    outfbmx___.isp.belgacom.be
    mail-relay_.ubc.ca
    mx_.uniserve.ca
    mx__.bluewin.ch
    cernmx__.cern.ch
    mta-_s-be-__.sunrise.ch
    mail-store-____.amazon.com
    smtp-out-____.amazon.com
    mail-out_.apple.com
    sj-iport-_-in.cisco.com
    cnnimail__.cnn.com
    siaag___.compuserve.com
    mxpool__.ebay.com
    mxsmfpool__.ebay.com
    fmr__.intel.com
    mail__.messagelabs.com
    inet-mail_.oracle.com
    exprod6mo_.postini.com
this list is endless and even companies that are deeply involved in the
Internet and eMail services and that use the Internet for ages seem to
not know how to do it right.

It would be more correct and so much easier to anti-greylist
    .mail.domain.tld
instead of adding 20 records
    mail-smtp-01.domainl.tld
    ...
    mail-smtp-20.domainl.tld

Why do they all flaten or reverse the RtoL hierarchy idea of the DNS as
soon as it reaches their own administration?
*sigh*

        \Maex

P.S. Yes, I am fully aware of the security implications caused by trusting
     information derived from a reverse DNS lookup.

-- 
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] Filtering Header Draft Discussion, William Leibzon
Next by Date:  Re: [Asrg] a plea for more hierarchy in DNS, Jochen Topf
Previous by Thread:  [Asrg] Filtering Header Draft Discussion, Philip Miller
Next by Thread:  Re: [Asrg] a plea for more hierarchy in DNS, Jochen Topf
Indexes:  [Date] [Thread] [Top] [All Lists]