[AusNOG] [SHAME] spamrats.com
Leesa Gilroy
Leesa.Gilroy at brennanit.com.au
Thu Jan 10 19:03:35 EST 2013
SORBS employ a similar tactic.
They'll pre-emptively add entire blocks to their DUHL database (dynamic user/host list) if they decide the block is used for services with dynamic IPs. If majority of the hosts are missing a PTR, or the naming convention of the PTRs suggest they're used in a dynamic pool then that's enough for the whole prefix to be listed.
http://www.sorbs.net/delisting/dul.shtml
"Generic reverse DNS naming is the most important criterion for determining if an address range should be considered dynamically assigned. Please note that entries in the SORBS DUHL never expire."
From: ausnog-bounces at lists.ausnog.net [mailto:ausnog-bounces at lists.ausnog.net] On Behalf Of Jake Anderson
Sent: Thursday, 10 January 2013 5:39 PM
To: Noel Butler
Cc: ausnog at lists.ausnog.net
Subject: Re: [AusNOG] [SHAME] spamrats.com
Everybody seems to be assuming that the OP owns the entire /24.
>From the sound of his posting that is not the case, it sounds like he owns a handful in that range and is being punished for his "neighbors" actions, which for a "spam filter" service is just plain daft.
On 10/01/13 16:59, Noel Butler wrote:
On Thu, 2013-01-10 at 13:08 +1000, Julian DeMarchi wrote:
On 01/10/2013 01:04 PM, Paul Fraser wrote:
> Not that I agree with it, but I thought this was pretty much the norm as a spam mitigation technique...
A /32 yes. You can't block a whole /24 for no PTRs... I wouldn't be
running 252 mail servers on one subnet...
RFC 1912, Section 2.1 says every Internet-reachable host should have a name and "Make sure your PTR and A records match" and "For every IP address, there should be matching PTR record in the in-addr.arpa domain"
its DNS 101
but I agree they have taken things to the extreme IF you DID have some hosts with valid A and PTR's in that block.
Just as well they are not commonly used, perhaps this is why, just as bad a apews and a few others.
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net<mailto:AusNOG at lists.ausnog.net>
http://lists.ausnog.net/mailman/listinfo/ausnog
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20130110/a133c620/attachment.html>
More information about the AusNOG
mailing list