Chris Lewis wrote:
Matthew Sullivan wrote:
Chris Lewis wrote:
<t>If this indicator is missing (query of 127.0.0.2 returns NXDOMAIN),
the DNSBL should be considered non-functional.</t>
No - there are a few that do not have that address at the moment (they
probably should), but as another example - autoexpiry of the SORBS Proxy
DBs wiped out the test entrys until I hardcoded them in the DNSBl export
script to put the entries in regardless of a matching lookup. Consider
the following (not the wording, only the intent):
If 127.0.0.2 is missing the user should look at the status of the DNSbl
as it MAY be due to zone shutdown.
I do not think it onerous to suggest that existing DNSBLs that don't use
127.0.0.2 should, and there is enough current practise to suggest it
should be codified as a BCP.
Secondly, you'll notice I didn't say "considered shut down" or imply
permanence. If a DNSBL that publishes a 127.0.0.2 diagnostic _stops_
doing it, it is indeed operating out of specification (eg: what else is
going wrong?) at least temporarily, and probably shouldn't be used
further until it starts signalling 127.0.0.2 properly again.
By stating it this simply, it encourages automation, so if something
breaks down, email servers _could_ automatically stop trusting the returns.
Mat,
I've generally agreed with you, but I think this is a pretty low
barrier, and can fix issues for DNSBL's trying to shut down, especially
with third party software that use DNSBL's to filter spam.
Andrew
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www.ietf.org/mailman/listinfo/asrg