nanog mailing list archives

Re: Aptum refuses to SWIP


From: Steven Champeon <schampeo () hesketh com>
Date: Wed, 10 May 2023 19:35:53 +0000

on Thu, May 04, 2023 at 08:09:01PM -0600, Forrest Christian (List Account) wrote:
> I can't speak for aptum, but I'm curious as to why this is important to
> you? I'm not trying to discount this at all, just curious why this
> matters in the internet of 2023.

For the past 20 years, I've been using PTR records as the basis for
patterns that are then classified according to various criteria:
assignment type (static/dynamic/mixed) and various other things like
NATs, infra, resnets, shared and dedicated webhosts, and so forth.
Turns out it's a pretty useful way to decide whether to accept mail
from an end user node or reject an ad click from a datacenter, among
myriad other uses.

Part of the process involves trying to determine whether generic names
that don't indicate assignment type are static or dynamically
assigned, and one helpful clue is rwhois that accurately reflects the
size and hopefully registrant of the block with that naming.

Of course, with WHOIS gutted, and rwhois servers that don't work or are
nonexistent, my job here is complicated enough. It really helps to be
able to know what I'm looking at. So YMMV but I find accurate, detailed
rwhois AND PTR records extremely useful, as do the folks who license our
dataset, which at last look covers around 97.4% of IPv4 PTRs (for fun,
take a look at a Hilbert map I did of our coverage, and the following
example PNGs showing our overall coverage per /8 and the breakdown of
which IPs in which /8 have PTRs and how they are classified).

 Hilbert map:
 http://enemieslist.com/map.html

 Coverage by /8:
 http://enemieslist.com/coverage20230429.png

 Classification breakdown by /8:
 http://enemieslist.com/coverageclasses20230506.png

Basically, you may not care but there are a lot of companies and
researchers who very much do.

For another example of why this matters, we were customers of a large
business class cable company from mid-2007 through early 2013, and as
we were doing some small-scale hosting, we asked for and got a /27
with custom PTRs assigned. They're still there. Oddly enough, I asked
hostmaster@$BIGCABLECO today to remove them again (I do it every few
years out of a triumph of hope over experience that is never requited).
Maybe it will today, I don't know. But if you ever see abusive traffic
from a block that has been assigned to a NC community college whose
IPs have PTRs in either of the following domains, it wasn't us.

Steve

-- 
hesketh.com/inc. v: +1(919)834-2552 f: +1(919)834-2553 w: http://hesketh.com/
Internet security and antispam hostname intelligence: http://enemieslist.com/
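
An added illustration, not part of the message above and not the enemieslist dataset or its rules: PTR names classified by pattern, with an rwhois-style block record used as a clue for generic names that carry no assignment-type keyword. The keyword lists, class labels, the /24 threshold, the `block` tuple layout and all hostnames are constructed assumptions.

```python
import ipaddress
import re

# Keyword rules are illustrative assumptions, tried in order; first hit wins.
# A keyword must be a whole label/token, optionally followed by digits.
_TOKEN = r"(?:^|[.\-])(?:{})\d*(?=[.\-]|$)"
RULES = [
    ("nat",     re.compile(_TOKEN.format("nat|cgn|cgnat"))),
    ("dynamic", re.compile(_TOKEN.format("dyn|dynamic|dhcp|pool|ppp|dialup"))),
    ("static",  re.compile(_TOKEN.format("static|fixed"))),
    ("resnet",  re.compile(_TOKEN.format("resnet|dorm"))),
    ("infra",   re.compile(_TOKEN.format("core|edge|rtr|router|gw"))),
    ("webhost", re.compile(_TOKEN.format("vps|shared|dedicated|web"))),
]

def embeds_ip(name, ip):
    """True if the PTR name contains the address octets, forward or reversed."""
    octets = str(ipaddress.IPv4Address(ip)).split(".")
    for order in (octets, octets[::-1]):
        pattern = r"(?<!\d)" + r"[.\-]".join(order) + r"(?!\d)"
        if re.search(pattern, name):
            return True
    return False

def classify(ptr, ip, block=None):
    """Classify one PTR name. `block` is an optional rwhois-style record
    (cidr, registrant, provider); its layout is an assumption of this example."""
    name = ptr.lower().rstrip(".")
    for label, rule in RULES:
        if rule.search(name):
            return label
    if not embeds_ip(name, ip):
        return "custom"  # hand-assigned name with no recognisable pattern
    # Generic name: octets only, no assignment-type keyword. Assumed heuristic:
    # a small block reassigned to a registrant other than the provider
    # suggests a static assignment; otherwise the name alone cannot decide.
    if block:
        cidr, registrant, provider = block
        net = ipaddress.ip_network(cidr)
        inside = ipaddress.ip_address(ip) in net
        if inside and net.prefixlen >= 24 and registrant != provider:
            return "generic/static-likely"
    return "generic/unknown"
```

Without an accurate block record, the generic name in this example stays "generic/unknown", which is the situation the message describes when rwhois is missing or wrong.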

