nanog mailing list archives
Re: comcast ipv6 PTR
From: Barry Shein <bzs () world std com>
Date: Mon, 14 Oct 2013 20:40:03 -0400
On October 15, 2013 at 02:28 Lee () asgard org (Lee Howard) wrote:
On 10/10/13 1:09 AM, "Barry Shein" <bzs () world std com> wrote:On October 9, 2013 at 20:18 cma () cmadams net (Chris Adams) wrote:Once upon a time, Barry Shein <bzs () world std com> said:It's very useful for blocking spammers and other miscreants -- no reason at all to accept SMTP connections from troublesome *.rev.domain.net at all, no matter what the preceding NNN-NNN-NNN-NNN is.If you are going to block like that, just block anybody without valid reverse DNS. If you don't trust provider foo.net to police theirusers,why trust them to put valid and consistent xx-xx-xx-xx.dyn.foo.net reverse?Because they do, they just do. This isn't a math proof, it's mostly social engineering. The providers aren't trying to fool anyone, in general, it's just that clients and websites get botted.Except the point of this thread is that they don't.
I think the point of this thread was they don't for IPv6 and whether they should or not (BCP)? I was pointing out that reverse IP names, particularly where they follow a simple pattern, can be useful in spam blocking. That may or may not be an attractive reason to a site, but I didn't particularly claim it to be. It's just an observation.
Is it easier to block inbound mail from hosts with certain high-level domain names in their PTRs than to block ranges of IP(v6) addresses? Easier for whom?
Of course it's easier, how do I as the SMTP client know how some site manages their IPv6 blocks? But it's a pretty good guess that if I'm getting 100 msgs/second from various hosts with reverse ip names matching ip-192-168.1.*.rev.example.com I can probably block that. Most likely their SMTP server won't have a name like that. As I said (and no doubt someone will jump on) none of this is an exact science, blocking spam is not an exact science, none of the tools have mathematical, infallible accuracy. You do what you can. For whom? I'm not sure what you're asking, the SMTP client side. -- -Barry Shein The World | bzs () TheWorld com | http://www.TheWorld.com Purveyors to the Trade | Voice: 800-THE-WRLD | Dial-Up: US, PR, Canada Software Tool & Die | Public Access Internet | SINCE 1989 *oo*
Current thread:
- Re: comcast ipv6 PTR, (continued)
- Re: comcast ipv6 PTR Chris Adams (Oct 09)
- Re: comcast ipv6 PTR Livingood, Jason (Oct 09)
- Re: comcast ipv6 PTR Blair Trosper (Oct 09)
- Re: comcast ipv6 PTR Chris Adams (Oct 09)
- Re: comcast ipv6 PTR Joe Abley (Oct 09)
- Re: comcast ipv6 PTR John Levine (Oct 09)
- Re: comcast ipv6 PTR Barry Shein (Oct 09)
- Re: comcast ipv6 PTR Chris Adams (Oct 09)
- Re: comcast ipv6 PTR Barry Shein (Oct 09)
- Re: comcast ipv6 PTR Lee Howard (Oct 14)
- Re: comcast ipv6 PTR Barry Shein (Oct 14)
- Re: comcast ipv6 PTR Franck Martin (Oct 14)
- Re: comcast ipv6 PTR Paul Ferguson (Oct 14)
- Re: comcast ipv6 PTR Barry Shein (Oct 14)
- Re: comcast ipv6 PTR John Levine (Oct 14)
- Re: comcast ipv6 PTR Blair Trosper (Oct 14)
- Re: comcast ipv6 PTR Chris Adams (Oct 15)
- Re: comcast ipv6 PTR Brielle Bruns (Oct 15)
- Re: comcast ipv6 PTR Andrew Sullivan (Oct 15)
- Re: comcast ipv6 PTR Barry Shein (Oct 14)
- Re: comcast ipv6 PTR Jimmy Hess (Oct 14)