ietf-asrg

Re: [Asrg] What are the IPs that sends mail for a domain?

2009-06-19 13:54:45
On Thu, Jun 18, 2009 at 05:57:03PM -0400, der Mouse wrote:
> > The problems were technical, putting records other than PTR in the
> > rDNS zone.  That's why Dave and I came up with CSV.
> >
> > Pretty please, read http://www.mipassoc.org/csv/ if you want to
> > continue this discussion.
>
> Offhand, I don't see anything there that explains what's wrong with
> putting records other than PTR under an rDNS zone.  Certainly _some_
> non-PTR record types cause no problems, such as CNAME and zone cut
> administrative records like SOA and NS.  In short, I don't see what's
> wrong with XM from a technical standpoint.  What am I missing?

Let me see if I can find the archives of that discussion and produce
a synopsis.  (I don't want to misrepresent what John and/or Dave said
about it at the time.)

Meanwhile, let me say something about the intent -- as I had it in mind
when I brought it up.  I did so at the time that we were being increasingly
faced with zombie-originated spam, and were looking for ways to make it stop,
since clearly the irresponsible network operators hosting all those zombies
didn't treat it as an emergency requiring a whatever-it-takes commitment.
(And most of them still don't, and yet have the audacity to whine when
they find their entire networks blacklisted out of exasperation that even
given YEARS to solve this urgent problem...they still haven't.)

Anyway, the point was not to make any assertion about who might be
sending mail or what domains it might be from or what might be in it:
just "this host sends mail or it doesn't".  Leaving XM=0 for acres
and acres of network space and checking for it on MX's would have the
effect of stopping zombie-direct-to-MX spam.  Of course it does nothing
for zombie-relayed-through-local-mail-system spam and nothing for all
the other nastiness zombies do: it was intended as a band-aid, no more.

Now...were I to advance this today (which I probably wouldn't given
that CSV is around) I'd suggest that it be done with forward DNS,
not reverse, and that it be checked IFF matching forward and reverse
DNS exist.  (Because if either doesn't exist or they don't match, that's
enough to reject on already.)

Anyway, let me go fish for the discussion-at-the-time and see if I can't
explain why my idea wasn't and probably still isn't a very good one.

---Rsk

_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
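
The check order described in the message above (XM looked up in forward DNS, and consulted only when forward and reverse DNS both exist and match), as an added example that is not part of the original post or of any XM specification. The zone tables, the `xm` field with its "0"/"1" values, and the "unknown" verdict for hosts that publish no XM are assumptions made for illustration.

```python
# Added illustration; all zone data below is constructed (documentation ranges).
# The page does not say how XM would be encoded in forward DNS, so it is
# modelled here as a per-hostname flag: "1" sends mail, "0" does not.
PTR = {  # reverse DNS: client IP -> hostname
    "192.0.2.10": "mail.example.org",
    "192.0.2.77": "dsl-77.pool.example.net",
    "198.51.100.5": "forged.example.org",
    "203.0.113.8": "legacy.example.com",
}
FWD = {  # forward DNS: hostname -> addresses, plus the hypothetical XM flag
    "mail.example.org": {"a": {"192.0.2.10"}, "xm": "1"},
    "dsl-77.pool.example.net": {"a": {"192.0.2.77"}, "xm": "0"},
    "forged.example.org": {"a": {"192.0.2.99"}, "xm": "1"},
    "legacy.example.com": {"a": {"203.0.113.8"}},
}


def check_client(ip, ptr=PTR, fwd=FWD):
    """Return (verdict, reason) for the IP of a connecting SMTP client."""
    host = ptr.get(ip)
    if host is None:
        return ("reject", "no reverse DNS")
    record = fwd.get(host)
    if record is None or not record.get("a"):
        return ("reject", "no forward DNS for " + host)
    if ip not in record["a"]:
        # The PTR name does not point back at the client, so any XM value
        # published under that name says nothing about this IP.
        return ("reject", "forward and reverse DNS do not match")
    # Forward and reverse DNS match: only now is XM consulted.
    xm = record.get("xm")
    if xm == "0":
        return ("reject", host + " is declared a non-sender")
    if xm == "1":
        return ("accept", host + " is declared a sender")
    # Assumption: with no XM published, the decision is left to local policy.
    return ("unknown", "no XM published for " + host)


if __name__ == "__main__":
    for client in sorted(PTR) + ["203.0.113.200"]:
        print(client, *check_client(client))
```
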
