[CLUE-Tech] reverse DNS

Charles Oriez coriez at oriez.org
Sun Sep 12 23:11:25 MDT 2004 

At 10:34 PM 9/12/2004, Nate Duehr wrote:

>William wrote:
>
>>--- Nate Duehr wrote:
>>
>>>There is one.  Multiple domains hosted off the same server.  The RDNS 
>>>can only match one of them.
>>>
>>>Kinda a pain for the frugal folks trying to host multiple domain's 
>>>webservers and e-mail servers off of the same physical box, but if one 
>>>has an endless supply of IP addresses, you can usually work around it by 
>>>putting multiple IP's on the same system.
>>
>>I wouldn't consider this an exception.  With proper configuration of your 
>>DNS records (A, CNAME,
>>and PTR records in particular), this is not an issue.  I host for many 
>>domains on a relatively
>>small set of static IP addresses, and I don't have any problem doing so.
>
>Oh I do too, I just made the comment to remind people that doing a full 
>RDNS lookup and expecting the machine name to 100% match isn't foolproof 
>or really proving anything really other than that the person at the other 
>end knows how to add RDNS entries.  If everyone blocks RDNS-less spam, the 
>spammers will just turn on RDNS.  Not a good long-term solution, never has 
>been, never will be.

which means the problem with trojaned machines as the source of spam goes 
away, forgeries stop being a problem, hijacked relays stop being a problem, 
and ISPs will be faced with the choice of terminating their spammers or 
being widely blocked.

Spamhaus had a come to jesus meeting with Savvis that got them to clean up 
their act.  EV1 seems to be terminating spammers finally. Ditto for 
Cogentco.  Even China seems to be cracking down.  I'm definitely starting 
to see a trend now where I am removing more ISPs from my local blocks than 
I am adding.  When we get to the point where all the spammers have to host 
on a small handful of ISPs, the rest of us can firewall that small set, 
they can spam each other to perdition without bothering us, and the problem 
goes away.


--

Charles Oriez     coriez at oriez.org    39  34' 34.4"N / 105 00' 06.3"W
**
"Drag God into politics, and you'll ruin his reputation in no time." -
Molly Ivins

More information about the clue-tech mailing list