Re: [domainrep] rDNS identifiers
Andreas Schulze <sca@andreasschulze.de> Wed, 18 July 2012 18:41 UTC
Return-Path: <sca@andreasschulze.de>
X-Original-To: domainrep@ietfa.amsl.com
Delivered-To: domainrep@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DCEEA11E8132 for <domainrep@ietfa.amsl.com>; Wed, 18 Jul 2012 11:41:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.249
X-Spam-Level:
X-Spam-Status: No, score=-2.249 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HELO_EQ_DE=0.35]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ideZhCvhq7Cy for <domainrep@ietfa.amsl.com>; Wed, 18 Jul 2012 11:41:49 -0700 (PDT)
Received: from mout.andreasschulze.de (mout.andreasschulze.de [84.201.4.158]) by ietfa.amsl.com (Postfix) with ESMTP id E99EB21F85B6 for <domainrep@ietf.org>; Wed, 18 Jul 2012 11:41:48 -0700 (PDT)
X-Received: line deleted by mout
X-DKIM: OpenDKIM Filter v2.6.4 taro 3WcnKQ0s9kz2595
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=andreasschulze.de; s=2012; t=1342636954; r=y; bh=u2A8sqOyPRd0/NyB9kDQKtO3/tJbV+W+xoUXMjzLAhM=; h=Date:From:To:Cc:Subject:References:In-Reply-To; z=Date:=20Wed,=2018=20Jul=202012=2020:42:36=20+0200|From:=20Andreas =20Schulze=20<sca@andreasschulze.de>|To:=20Jacob=20R=20Rideout=20< ietf@jacobrideout.net>|Cc:=20domainrep@ietf.org|Subject:=20Re:=20[ domainrep]=20rDNS=20identifiers|References:=20<CAK+pC_-tOXvq1OSqiT 6=3Dvn+0UYGWpNogB9TQoy7vGbaQR-a+ag@mail.gmail.com>|In-Reply-To:=20 <CAK+pC_-tOXvq1OSqiT6=3Dvn+0UYGWpNogB9TQoy7vGbaQR-a+ag@mail.gmail. com>; b=KoStIEgLXXJAYioS8pVTXTSBXDLn+JyrDi/UHPTYiUYIPu0wayUcn+MX3jK5Ni2St Qbj9mW1m1a+OJthvfe6bR6yk2rScU+ZMmm+Pt2lDjCVqZUrzyOEpzuqg8wBofWNhfk ESyZTJtTT1ksafjJ4VziRTo2WqWX90dxmBxhSQ44=
X-Virus-Scanned: amavisd-new-2.7.2 on taro.andreasschulze.de
X-Received: line deleted by mout
X-Received: line deleted by mout
Date: Wed, 18 Jul 2012 20:42:36 +0200
From: Andreas Schulze <sca@andreasschulze.de>
To: Jacob R Rideout <ietf@jacobrideout.net>
Message-ID: <20120718184236.GA18918@solar.andreasschulze.de>
References: <CAK+pC_-tOXvq1OSqiT6=vn+0UYGWpNogB9TQoy7vGbaQR-a+ag@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
In-Reply-To: <CAK+pC_-tOXvq1OSqiT6=vn+0UYGWpNogB9TQoy7vGbaQR-a+ag@mail.gmail.com>
X-GPG-Key-ID: 0xA7DBA67F
X-GPG-Fingerprint: 14C1 39A8 CE6D 6BE0 28C6 5652 03B5 6793 A7DB A67F
X-GPG-Public-Key: http://9645f8.dyndns.org/a7dba67f.asc
X-Location: Germany, Earth
User-Agent: mutt
Cc: domainrep@ietf.org
Subject: Re: [domainrep] rDNS identifiers
X-BeenThere: domainrep@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Domain Reputation discussion list <domainrep.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/domainrep>, <mailto:domainrep-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/domainrep>
List-Post: <mailto:domainrep@ietf.org>
List-Help: <mailto:domainrep-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/domainrep>, <mailto:domainrep-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 18 Jul 2012 18:41:50 -0000
Am 29.06.2012 12:37 schrieb Jacob R Rideout: > Has anyone on the list considered the use of the IPv4 (or v6) PTR rDNS > value as an identifier? Or more strictly, a fully qualified domain name, that also > resolves to the queried IP address. Hi, MTX is (not very common) but much stricter. see http://www.chaosreigns.com/mtx/ It's like a distributed selfmade whitelisting/reputation. Consider I have an IP-Address 192.0.2.1 assigned to my mailserver. I like to send mail. The receiver usually will reverse lookup that IP. 1.2.0.192.in-addr.arpa. PTR -> outbound-mailer.example.org. That's all. Next the receiver *may* doublecheck the name resolv too. I personaly don't expect that the name resolv to 192.0.2.1. If I would force that on my MX I would lose too much legit mail. So the doublecheck is not practical for most people. So normal "dnscheck" ends with "sender has any rDNS". But I as a sender could do more. I could state that I *do* have control over the dns zone my PTR points to. That's usual if I own ip space. It's unusual for a dialup. I can provide an A record 1.2.0.192.mtx.outbound-mailer.example.org. = 127.0.0.1 If the receiver ask for that record he knows that - I control the rdns zone - I control the forward zone - I really spend my time to setup such records. The receiver may notice my much greater interest that my mails are delivered. In fact that is a nice scheme to intoduce someone as a mailsender. without having reputation history. It definitly drops sender how do not control rDNS. It does not pervent abusers to setup such records. But that ips could be blocked. That's a decision every receiver could meet for himself. (or use a central blacklist) Andreas
- [domainrep] rDNS identifiers Jacob R Rideout
- Re: [domainrep] rDNS identifiers Andreas Schulze
- Re: [domainrep] rDNS identifiers Steve Allam
- Re: [domainrep] rDNS identifiers Andreas Schulze
- [domainrep] MTX / was: rDNS identifiers Andreas Schulze