Security Basics mailing list archives

Re: educating rDNS violators


From: SMiller () unimin com
Date: Wed, 25 Aug 2004 17:09:52 -0400





First, I am grateful for all of the answers received, so please do not
misinterpret the following.  I will let this stand for the group of
responses that might well be summarized by the expression "tough ti11y said
the kitty, but the milk's still sweet."  I don't know how much of those
respondents' critical business communications are conducted by email, but
for my employer it has become very high.  We also serve a customer base and
are in turn served by a vendor base that is technologically typically
trailing edge, and composed of concerns that are highly unlikely to
understand the need or method for publishing reverse DNS mappings.  Has it
been forgotten that this service (email) serves a utilitarian business
purpose?  That a vitally important contract, or bid, or quote opportunity
could be irrevocably lost as the result of denying email delivery from
legitimate business partners?  It isn't inconceivable that several hundred
thousand USD in revenue could swing on an undelivered email or five.  All
those here who would like to admit responsibility and disclaim "But I was
blocking spam", when your CEO asks IT how such a thing could possibly have
happened, raise your hands.  There is another old saw, "throwing the baby
out with the bath water".  To me, it seems that an inflexible
implementation of reverse DNS validation of email at this time runs the
risk of accomplishing just that.  YMMV.

Scott


                                                                           
James Kelly <jim@essistants.com>
08/24/2004 10:31 PM

To: JGrimshaw () ASAP com
cc: security-basics () securityfocus com
Subject: Re: educating rDNS violators





This may then force customers to switch providers to one who properly
sets up their service.

Jim

JGrimshaw () ASAP com wrote:
| With that in mind, with many customers using large ISPs for their public
| DNS service, updating the bounce back message might not resolve
| anything, as the emailing site may not be in the authority to make the
| changes you have requested, and the large ISP may not have the
| wherewithal to implement such policies.

---------------------------------------------------------------------------
Computer Forensics Training at the InfoSec Institute. All of our class sizes
are guaranteed to be 12 students or less to facilitate one-on-one
interaction with one of our expert instructors. Gain the in-demand skills of
a certified computer examiner, learn to recover trace data left behind by
fraud, theft, and cybercrime perpetrators. Discover the source of computer
crime and abuse so that it never happens again.

http://www.infosecinstitute.com/courses/computer_forensics_training.html
----------------------------------------------------------------------------






