
Re: [Asrg] rDNS

2009-05-29 00:01:53
As an anti-abuse effort, some providers [...] do not accept
connections without a reverse DNS entry being found.
This used to be typical of FTP servers in the '80s.  However, some
feedback loop providers apparently make use of it today.

As do various others - my mailserver, for example, will not accept mail
from hosts with missing or broken rDNS.

IMHO, synthesizing information on that basis is symptomatic of
technologies in their infancy being desperately greedy for data they
cannot obtain [otherwise].

"Synthesizing" information?  What's synthetic about (paraphrased) "your
rDNS is missing or broken, so I won't listen to you"?

As a result, these providers may be unable to communicate with some
organizations or geographic regions.
Right.  So?  Someone who doesn't tolerate dashes in domain names
won't be able to communicate with rodents-montreal.org, either.
I never heard about dash-intolerants.  Are you kidding?

Not in the sense you probably mean.  The "As a result" quote appeared
to be citing this as a problem with rejecting based on missing rDNS; my
point was just that it isn't necessarily so, that just because two
sites make choices that, combined, mean they can't communicate does not
make either of those choices inherently wrong.  Dash intolerance was
just a somewhat-over-the-top example of one such choice (the paired
other choice being my choice to use a domain with a dash in it).

Who is wrong, because in the case of email, reverse DNS is clearly
being misused.
It's not clear to me that anyone is wrong there, nor that rDNS is
being misused.
Much like whois, rDNS is being used in relation with the possibility
to individuate who, if any, is responsible for running a host at the
given address.

Sometimes.  Sometimes, as in my own case, it's not so much because it
tells me who's responsible as because it correlates with having clue
(thereby being less likely to be a problem).

DNSBLs, certificates, reputation, etcetera, all rotate around
allocations of those IP numbers, but rDNS dependence reveals
unreadiness for a truly virtual environment: What if _all_ IPs were
dynamic?

What if they were?  Those who care about such things would presumably
update their DNS as they assign and reclaim IPs.  At worst, rDNS
checking might become useless.  Neither possibility means there's
anything wrong with using it now.

/~\ The ASCII                             Mouse
\ / Ribbon Campaign
 X  Against HTML                mouse(_at_)rodents-montreal(_dot_)org
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
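
One way a receiving server could tell "missing" from "broken" rDNS, as an added example that is not part of the original message or any poster's configuration. It assumes "broken" means a PTR name whose forward lookup does not return the connecting address (forward-confirmed reverse DNS); the function names and the zone data are constructed for illustration.

```python
import ipaddress
import socket

def _system_ptr(ip):
    """PTR names for ip via the system resolver (empty list if none)."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
    except (socket.herror, socket.gaierror):
        return []
    return [name, *aliases]

def _system_forward(name):
    """A/AAAA addresses for name via the system resolver."""
    try:
        infos = socket.getaddrinfo(name, None)
    except socket.gaierror:
        return []
    return [info[4][0] for info in infos]

def classify_rdns(ip, ptr_lookup=_system_ptr, forward_lookup=_system_forward):
    """Return 'missing', 'broken' or 'ok' for a connecting client's address."""
    addr = ipaddress.ip_address(ip)
    names = ptr_lookup(ip)
    if not names:
        return "missing"              # no PTR record at all
    for name in names:
        for candidate in forward_lookup(name.rstrip(".")):
            try:
                if ipaddress.ip_address(candidate) == addr:
                    return "ok"       # PTR name resolves back to the client
            except ValueError:
                continue              # e.g. scoped IPv6 text; not comparable
    return "broken"                   # PTR exists but is not forward-confirmed

# Constructed zone data (documentation address ranges, example names).
PTR = {"192.0.2.10": ["mail.example.org."],
       "192.0.2.20": ["host.example.net."],
       "2001:db8::25": ["mx.example.org."]}
FWD = {"mail.example.org": ["192.0.2.10"],
       "host.example.net": ["198.51.100.7"],
       "mx.example.org": ["2001:0db8:0:0:0:0:0:25"]}

def demo(ip):
    """Classify ip against the constructed tables instead of live DNS."""
    return classify_rdns(ip, lambda i: PTR.get(i, []), lambda n: FWD.get(n, []))

if __name__ == "__main__":
    for ip in ("192.0.2.10", "192.0.2.20", "192.0.2.30", "2001:db8::25"):
        print(ip, demo(ip))
```
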