
MTAmark deployment (was: [Asrg] Re: A plea for more hierarchy in DNS)

2004-11-02 16:48:28
On 2004-11-01 07:31:09 -0800, Douglas Campbell wrote:
> This is why the light took so long.  I read the spec but didn't get the
> part about the TXT records for reverse lookups being the only valid ones.
> That means I can't set them myself, but must rely on the controller of my
> address range to do it (which might NOT be my ISP).  This does not seem
> onerous; I'd expect them to be eager to cut the spam transiting their
> network.

I'd expect that, too. Unfortunately our expectations aren't met.

I just tested all the 155k IP addresses which connected during October
to our main MX for MTAmark records.

Results (excluding our own network):

 155173 MTA=unknown
      8 MTA=no
      6 MTA=yes

Well, that's a bit better than a similar test I did in July, but there
clearly aren't enough MTAmark records yet to bother implementing filters
based on them.

Even worse, while the MTA=yes records seem correct, the MTA=no records
are a bit suspicious:

Host 177.211.151.12.in-addr.arpa not found: 2(SERVFAIL)
10.122.171.136.in-addr.arpa domain name pointer ctsmtpho1.chevrontexaco.com.
19.162.87.192.in-addr.arpa domain name pointer mail.iss.nl.
144.5.87.192.in-addr.arpa domain name pointer relay.surfnet.nl.
16.50.87.192.in-addr.arpa domain name pointer swets-fw1.swets.nl.
Host 13.52.171.194.in-addr.arpa not found: 3(NXDOMAIN)
46.182.41.212.in-addr.arpa domain name pointer d429b62e.adsl.legend.co.uk.
87.225.69.212.in-addr.arpa domain name pointer outbound2.mail.legend.net.uk.

Half of the names seem to have something to do with mail, and one of the
hosts is even called "outbound2". I can't help but think that in these
cases someone created an MTA=no record for the whole network but forgot
to add the MTA=yes records for the mail servers (Happened to me, too: I
posted a record for the main mail server, but forgot the mailing list
server).

I also talked to the postmaster of another Austrian ISP (who happens to
be responsible for 5 of the 6 MTA=yes records) and he said they would
only publish MTA=yes records for their servers, but no MTA=no records for
their dial-up and DSL customers. Which doesn't seem to be very useful to me.

        hp

PS: If someone wants to do similar stats, the script I used is at
http://www.hjp.at/mail/spam/mtamark/mtamark.pl

It expects one IP address per line as input and spits out the MTAmark
record for each IP address. It is quite slow (about 1 second per IP
address on average), so if you want to test lots of addresses you should
split the input into several files and run them in parallel.

-- 
   _  | Peter J. Holzer    | The further north you go, the less is spoken
|_|_) | Sysadmin WSR       | at all, and so no dialect either.
| |   | hjp(_at_)hjp(_dot_)at | Hallig Gröde is almost entirely dialect-free.
__/   | http://www.hjp.at/ |   -- Hannes Petersen in desd
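
The cross-check described in the message above (MTA=no records whose PTR names look like mail servers), as an added example; it is not part of the original post and is not the mtamark.pl script. The `host` output is copied from the message, and the `MAIL_HINTS` substring list is an assumed heuristic, not part of MTAmark.

```python
import re
from collections import Counter

# `host` output for the eight MTA=no addresses, copied from the message above.
HOST_OUTPUT = """\
Host 177.211.151.12.in-addr.arpa not found: 2(SERVFAIL)
10.122.171.136.in-addr.arpa domain name pointer ctsmtpho1.chevrontexaco.com.
19.162.87.192.in-addr.arpa domain name pointer mail.iss.nl.
144.5.87.192.in-addr.arpa domain name pointer relay.surfnet.nl.
16.50.87.192.in-addr.arpa domain name pointer swets-fw1.swets.nl.
Host 13.52.171.194.in-addr.arpa not found: 3(NXDOMAIN)
46.182.41.212.in-addr.arpa domain name pointer d429b62e.adsl.legend.co.uk.
87.225.69.212.in-addr.arpa domain name pointer outbound2.mail.legend.net.uk.
"""

# Assumption: substrings that suggest a host sends mail (heuristic only).
MAIL_HINTS = ("smtp", "mail", "relay", "outbound", "mx")

PTR_RE = re.compile(r"^(\S+)\.in-addr\.arpa domain name pointer (\S+?)\.?$")
ERR_RE = re.compile(r"^Host (\S+)\.in-addr\.arpa not found: \d+\((\w+)\)$")

def reverse_to_ip(rev):
    """Turn '10.122.171.136' (in-addr.arpa label order) into '136.171.122.10'."""
    return ".".join(reversed(rev.split(".")))

def classify(line):
    """Return (ip, ptr_name_or_dns_error, verdict) for one line of `host` output."""
    m = PTR_RE.match(line)
    if m:
        name = m.group(2).lower()
        hit = any(h in label for label in name.split(".") for h in MAIL_HINTS)
        return reverse_to_ip(m.group(1)), name, "mail-like" if hit else "other"
    m = ERR_RE.match(line)
    if m:  # SERVFAIL / NXDOMAIN: no PTR name to judge by
        return reverse_to_ip(m.group(1)), m.group(2), "no-ptr"
    raise ValueError(f"unrecognised host output: {line!r}")

def review(host_output):
    """Classify every non-empty line and tally the verdicts."""
    rows = [classify(l.strip()) for l in host_output.splitlines() if l.strip()]
    return rows, Counter(verdict for _, _, verdict in rows)

if __name__ == "__main__":
    rows, tally = review(HOST_OUTPUT)
    for ip, name, verdict in rows:
        print(f"{ip:<16} {verdict:<10} {name}")
    print(dict(tally))
```

Addresses flagged `mail-like` are the ones worth raising with the network owner before any filter treats their MTA=no record as authoritative.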
