nanog mailing list archives

Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet)

From: Suresh Ramasubramanian <ops.lists () gmail com>
Date: Thu, 13 Jan 2005 10:25:18 +0530


On Wed, 12 Jan 2005 23:19:47 -0500, Valdis.Kletnieks () vt edu
<Valdis.Kletnieks () vt edu> wrote:

On Wed, 12 Jan 2005 19:19:24 PST, Dave Crocker said:

In general, that's what dkeys/iim and csv (and maybe spf) are attempting to provide.


Yes, but he asked for a rDNS solution specifically...


I think Steve was referring to some things that can be implemented
right away, like "if you operate a mailserver, please make sure that
it isn't on a host that has reverse dns like ppp-XXX.adsl.example.com,
try to give it unique and non generic rDNS, preferably with a hostname
that starts off with smtp-out, mail, mta etc)"

Basically a call to operators to adopt a consistent forward and
reverse DNS naming pattern for their mailservers, static IP netblocks,
dynamic IP netblocks etc.

-- 
Suresh Ramasubramanian (ops.lists () gmail com)

Current thread:

Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet), (continued)
- - - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Eric Brunner-Williams in Portland Maine (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Steven Champeon (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Eric Brunner-Williams in Portland Maine (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Steven Champeon (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Eric Brunner-Williams in Portland Maine (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Adi Linden (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Steven Champeon (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Valdis . Kletnieks (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Dave Crocker (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Valdis . Kletnieks (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Suresh Ramasubramanian (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Steven Champeon (Jan 12)
    - Re: fixing insecure email infrastructure (was: Re: [eweek article] Window of "anonymity" when domain exists, whois not updated yet) Andre Oppermann (Jan 13)
    - Re: marking dynamic ranges, was fixing insecure email infrastructure John Levine (Jan 13)
    - Re: marking dynamic ranges, was fixing insecure email infrastructure Markus Stumpf (Jan 24)
    - Re: marking dynamic ranges, was fixing insecure email infrastructure Suresh Ramasubramanian (Jan 24)
    - Re: marking dynamic ranges, was fixing insecure email infrastructure Markus Stumpf (Jan 25)
    - Re: marking dynamic ranges, was fixing insecure email infrastructure Valdis . Kletnieks (Jan 25)
    - Re: marking dynamic ranges, was fixing insecure email infrastructure Markus Stumpf (Jan 25)
    - Re: marking dynamic ranges, was fixing insecure email infrastructure J.D. Falk (Jan 25)
    - Re: marking dynamic ranges, was fixing insecure email infrastructure Valdis . Kletnieks (Jan 25)

(Thread continues...)