Re: [SHAME] Spam Rats

2013-01-11 Thread Tony Finch
John Levine jo...@iecc.com wrote: *.4.4.3.0.5.a.0.0.8.b.d.0.1.0.0.2.ip6.arpa. PTR a.node.on.vlan344.namn.se. ...will work just fine, for instance. Since there is no record for a.node.on.vlan344.namn.se., this won't work fine in any rDNS check I'm aware of. I believe it's relatively

Re: [SHAME] Spam Rats

2013-01-10 Thread Joe Provo
On Thu, Jan 10, 2013 at 01:10:48PM +1000, Julian DeMarchi wrote: On 01/10/2013 01:06 PM, Suresh Ramasubramanian wrote: Who uses it? Or did you see your IP listed in one of those multiple dnsbl query sites and contacted them on general principles even though you didn't see any actual bounced

Re: [SHAME] Spam Rats

2013-01-10 Thread Rich Kulawiec
On Wed, Jan 09, 2013 at 09:27:17PM -0600, Chris Boyd wrote: We're small shop, but our policy is not to accept email from addresses without PTRs. And we have a long list of pool/dhcp/dyn/resnet PTRs we don't accept mail from as well. This is (and has been) a best practice for most of a decade,

Re: [SHAME] Spam Rats

2013-01-10 Thread JP Viljoen
On 10 Jan 2013, at 6:41 AM, Mark Andrews ma...@isc.org wrote: No. A /64 has 18,446,744,073,709,551,616 addresses. Even if you had machines that supported zettabytes of data the zone would never load in human lifetimes. Because hitting things in memory is the only way we can ever respond to a

Re: [SHAME] Spam Rats

2013-01-10 Thread Dave Sparro
On 1/9/2013 10:06 PM, Suresh Ramasubramanian wrote: Who uses it? Or did you see your IP listed in one of those multiple dnsbl query sites and contacted them on general principles even though you didn't see any actual bounced email that could be traced to a spam rats listing? That said, it is

Re: [SHAME] Spam Rats

2013-01-10 Thread Suresh Ramasubramanian
Unused space generally gets a $generate type generic scripted runs which could be whatever, like ip-ad-dr-ess.example.com Not rid unallocated space, not that there's much of it in v4 As for v6 how popular do you see it getting for mail? On Thursday, January 10, 2013, Dave Sparro wrote: On

Re: [SHAME] Spam Rats

2013-01-10 Thread Jima
On Thu, January 10, 2013 7:53 am, Suresh Ramasubramanian wrote: As for v6 how popular do you see it getting for mail? Are you implying that when the internet otherwise moves on to IPv6, we'll still inexplicably use IPv4 for mail? Jima

PTRs for IPv6 (was Re: [SHAME] Spam Rats)

2013-01-10 Thread Lee Howard
RE: PTRs for IPv6, see http://tools.ietf.org/html/draft-howard-isp-ip6rdns-05 I've had many excellent suggestions for updates to it, which I intend to treat in the next couple of weeks. I don't cover PTRs for servers, because I don't see a scalability problem. However, I don't think I understand

Re: [SHAME] Spam Rats

2013-01-10 Thread Jared Mauch
On Jan 10, 2013, at 10:17 AM, Jima na...@jima.tk wrote: On Thu, January 10, 2013 7:53 am, Suresh Ramasubramanian wrote: As for v6 how popular do you see it getting for mail? Are you implying that when the internet otherwise moves on to IPv6, we'll still inexplicably use IPv4 for mail?

Re: [SHAME] Spam Rats

2013-01-10 Thread Matthias Leisi
On Thu, Jan 10, 2013 at 3:45 PM, Dave Sparro dspa...@gmail.com wrote: What label would you suggest be used for PTR records in unassigned space? Some fixed string like unassigned.yourdomain? This would make it obvious that something is wrong if ever it leaks out. -- Matthias

Re: [SHAME] Spam Rats

2013-01-10 Thread Dave Sparro
On 1/10/2013 9:53 AM, Suresh Ramasubramanian wrote: Unused space generally gets a $generate type generic scripted runs which could be whatever, like ip-ad-dr-ess.example.com http://ip-ad-dr-ess.example.com If the IP address hasn't been assigned to example.com, why would make a DNS entry that

Re: [SHAME] Spam Rats

2013-01-10 Thread Barry Shein
ARGH, ok, enough with: They can have any policy they like, it's their equipment and no one is being forced to use them. That's tacit, I'd hope. Doesn't mean people can't do dopey things well within their rights and maybe sounding it out would give them some clue, or at least warn others to stay

Re: [SHAME] Spam Rats

2013-01-10 Thread Anne P. Mitchell, Esq.
Just as a data point (and to initiate my semi-annual 'I'm still here' email), we of course check for and require PTRs for all of our email accreditation customers, many of which are ESPs, and you would be *shocked* (or maybe you wouldn't) how many otherwise relatively clueful and 'wanting to

Re: [SHAME] Spam Rats

2013-01-10 Thread William Herrin
On Wed, Jan 9, 2013 at 10:49 PM, Julian DeMarchi jul...@jdcomputers.com.au wrote: At least one company uses spamrats. That's how it got escalated to me. Hi Julian, A couple of thoughts for you: 1. Spam Rats is a non-entity and anyone blocking email solely on Spam Rats' information is a fool.

Re: [SHAME] Spam Rats

2013-01-10 Thread Owen DeLong
On Jan 9, 2013, at 20:18 , Mark Foster blak...@blakjak.net wrote: On 10/01/13 17:15, Karl Auer wrote: On Wed, 2013-01-09 at 21:14 -0600, Otis L. Surratt, Jr. wrote: FYI - I have a PTR for all IPs. Just general practice. All IPs actually in use, or all possible IPs in a network? If the

Re: [SHAME] Spam Rats

2013-01-10 Thread John Levine
*.4.4.3.0.5.a.0.0.8.b.d.0.1.0.0.2.ip6.arpa. PTR a.node.on.vlan344.namn.se. ...will work just fine, for instance. Since there is no record for a.node.on.vlan344.namn.se., this won't work fine in any rDNS check I'm aware of. You are aware that useful rDNS has to have matching forward DNS,

Re: [SHAME] Spam Rats

2013-01-10 Thread John Levine
IMHO mail is one of the easiest first things to turn on for IPv6. You can certainly turn it on, and it will work at the current toy scale, but nobody has a clue how we're going to scale IPv4 spam management up for large scale IPv6. Anything that's obvious won't work.

Re: [SHAME] Spam Rats

2013-01-10 Thread Daniel Taylor
On 01/10/2013 02:59 PM, John Levine wrote: IMHO mail is one of the easiest first things to turn on for IPv6. You can certainly turn it on, and it will work at the current toy scale, but nobody has a clue how we're going to scale IPv4 spam management up for large scale IPv6. Anything that's

Re: [SHAME] Spam Rats

2013-01-10 Thread joel jaeggli
On 1/10/13 12:59 PM, John Levine wrote: IMHO mail is one of the easiest first things to turn on for IPv6. You can certainly turn it on, and it will work at the current toy scale, but nobody has a clue how we're going to scale IPv4 spam management up for large scale IPv6. Anything that's

Re: [SHAME] Spam Rats

2013-01-10 Thread Karl Auer
On Thu, 2013-01-10 at 20:23 +0530, Suresh Ramasubramanian wrote: Unused space generally gets a $generate type generic scripted runs which could be whatever, like ip-ad-dr-ess.example.com Nothing that actually stores actual RRs will scale to the number of addresses available in IPv6. If you

Re: [SHAME] Spam Rats

2013-01-10 Thread Suresh Ramasubramanian
Mail is all this discussion is in the context of On Friday, January 11, 2013, Karl Auer wrote: On Thu, 2013-01-10 at 20:23 +0530, Suresh Ramasubramanian wrote: Unused space generally gets a $generate type generic scripted runs which could be whatever, like ip-ad-dr-ess.example.com

Re: [SHAME] Spam Rats

2013-01-10 Thread Robert Bonomi
Date: 10 Jan 2013 20:57:25 - From: John Levine jo...@iecc.com Subject: Re: [SHAME] Spam Rats *.4.4.3.0.5.a.0.0.8.b.d.0.1.0.0.2.ip6.arpa. PTR a.node.on.vlan344.namn.se. ...will work just fine, for instance. Since there is no record for a.node.on.vlan344.namn.se., this won't

Re: [SHAME] Spam Rats

2013-01-10 Thread Suresh Ramasubramanian
Mail is all this discussion is in the context of On Friday, January 11, 2013, Karl Auer wrote: On Thu, 2013-01-10 at 20:23 +0530, Suresh Ramasubramanian wrote: Unused space generally gets a $generate type generic scripted runs which could be whatever, like ip-ad-dr-ess.example.com

Re: [SHAME] Spam Rats

2013-01-09 Thread Suresh Ramasubramanian
Who uses it? Or did you see your IP listed in one of those multiple dnsbl query sites and contacted them on general principles even though you didn't see any actual bounced email that could be traced to a spam rats listing? That said, it is best practice to set ptr records even for your

Re: [SHAME] Spam Rats

2013-01-09 Thread Julian DeMarchi
On 01/10/2013 01:06 PM, Suresh Ramasubramanian wrote: Who uses it? Or did you see your IP listed in one of those multiple dnsbl query sites and contacted them on general principles even though you didn't see any actual bounced email that could be traced to a spam rats listing? Customers use

RE: [SHAME] Spam Rats

2013-01-09 Thread Warren Bailey
I wouldn't flame you.. I think this forum lacks this kind of discussion. At least we can move on from the LinkedIn email saga earlier this week? From my Galaxy Note II, please excuse any mistakes. Original message From: Julian DeMarchi jul...@jdcomputers.com.au Date:

RE: [SHAME] Spam Rats

2013-01-09 Thread Otis L. Surratt, Jr.
We had issues and similar behavior from SORBS.net and TrendMicro ERS but have never dealt with Spam Rats. It was our second direct allocation from ARIN last year that was a part of a larger block that got split up. Our block was listed in their DUL. It was a pain to remove. They wanted our PTR

Re: [SHAME] Spam Rats

2013-01-09 Thread Suresh Ramasubramanian
Ask your customers what I asked you. Are they actually seeing email blocked and bounced because of that spam rats listing. Also it is your choice whether or not to follow best practices, it is spam rats choice to block mail based on whatever they like, and it is the choice of some random email

Re: [SHAME] Spam Rats

2013-01-09 Thread Chris Adams
Once upon a time, Suresh Ramasubramanian ops.li...@gmail.com said: That said, it is best practice to set ptr records even for your unassigned ip space [citation needed] -- Chris Adams cmad...@hiwaay.net Systems and Network Administrator - HiWAAY Internet Services I don't speak for anybody but

Re: [SHAME] Spam Rats

2013-01-09 Thread Julian DeMarchi
On 01/10/2013 01:16 PM, Suresh Ramasubramanian wrote: Ask your customers what I asked you. Are they actually seeing email blocked and bounced because of that spam rats listing. They are yes. Emails are being blocked due to the listing on spamrats. For our colo ranges we do not set PTRs by

Re: [SHAME] Spam Rats

2013-01-09 Thread Suresh Ramasubramanian
One $GENERATE in bind should take care of that, and save what looks like the usual extra long nanog thread? What does it cost you not to do it? On Thursday, January 10, 2013, Julian DeMarchi wrote: On 01/10/2013 01:16 PM, Suresh Ramasubramanian wrote: Ask your customers what I asked you. Are

Re: [SHAME] Spam Rats

2013-01-09 Thread Chris Boyd
On Jan 9, 2013, at 8:58 PM, Julian DeMarchi wrote: This is the first RBL I have seen list a /24 for lack of PTRs. Not for sending spam, but just PTRs alone. How do you explain this to your customer? We're small shop, but our policy is not to accept email from addresses without PTRs. And we

Re: [SHAME] Spam Rats

2013-01-09 Thread Jon Lewis
On Thu, 10 Jan 2013, Julian DeMarchi wrote: Customers use the range. They had a complaint to us that the IP was listed by spamrats and thus the issue made it to my queue. That frequently just means they've subscribed to one of the monitoring services that notifies you if your IPs have turned

Re: [SHAME] Spam Rats

2013-01-09 Thread Rich Kulawiec
On Thu, Jan 10, 2013 at 12:58:59PM +1000, Julian DeMarchi wrote: This is the first RBL I have seen list a /24 for lack of PTRs. Not for sending spam, but just PTRs alone. How do you explain this to your customer? First, this would be better on mailop. Second, they're running a DNSBL, not

Re: [SHAME] Spam Rats

2013-01-09 Thread Suresh Ramasubramanian
Personal experience is that I have had a large telco, which I won't name since they immediately unblocked, blocked exactly such a range once, for the exact same reason. RFCs and best practices often aren't a 100 % exact match so sorry, I can't dig up a cite. --srs (htc one x) On 10-Jan-2013 9:00

Re: [SHAME] Spam Rats

2013-01-09 Thread Julian DeMarchi
On 01/10/2013 01:30 PM, Jon Lewis wrote: Mail servers do need to have PTRs, but it is my _choice_ if my hosts that do not send mail have PTRs or not. I would not expect anyone to block my /24 for lack of PTRs on non-mail-sending hosts. If they're not mail servers, how is the DNSBL listing

Re: [SHAME] Spam Rats

2013-01-09 Thread Julian DeMarchi
On 01/10/2013 01:27 PM, Chris Boyd wrote: We're small shop, but our policy is not to accept email from addresses without PTRs. And we have a long list of pool/dhcp/dyn/resnet PTRs we don't accept mail from as well. This is the normal practice. I would never run a mail server without a PTR.

RE: [SHAME] Spam Rats

2013-01-09 Thread Karl Auer
On Wed, 2013-01-09 at 21:14 -0600, Otis L. Surratt, Jr. wrote: FYI - I have a PTR for all IPs. Just general practice. All IPs actually in use, or all possible IPs in a network? If the latter, then it's not gunna fly for IPv6. Not at all. Not unless you synthesise the responses - in which case

Re: [SHAME] Spam Rats

2013-01-09 Thread Mark Foster
On 10/01/13 17:15, Karl Auer wrote: On Wed, 2013-01-09 at 21:14 -0600, Otis L. Surratt, Jr. wrote: FYI - I have a PTR for all IPs. Just general practice. All IPs actually in use, or all possible IPs in a network? If the latter, then it's not gunna fly for IPv6. Not at all. Not unless you

Re: [SHAME] Spam Rats

2013-01-09 Thread Mark Andrews
In message 50ee4113.2000...@blakjak.net, Mark Foster writes: On 10/01/13 17:15, Karl Auer wrote: On Wed, 2013-01-09 at 21:14 -0600, Otis L. Surratt, Jr. wrote: FYI - I have a PTR for all IPs. Just general practice. All IPs actually in use, or all possible IPs in a network? If the latter,

Re: [SHAME] Spam Rats

2013-01-09 Thread John Levine
Any moron can run a DNSBL. Many morons do. But that doesn't mean that anyone actually uses them. They are yes. Emails are being blocked due to the listing on spamrats. Please show us a copy of one of the failure messages. Feel free to redact any private information, but please leave the IP

Re: [SHAME] Spam Rats

2013-01-09 Thread Jeff Kell
On 1/9/2013 11:41 PM, Mark Andrews wrote: $GENERATE, as someone else pointed out, solves that problem for you? (Does it scale for IPv6? I can't recall - but surely this could be scripted too.) No. A /64 has 18,446,744,073,709,551,616 addresses. Even if you had machines that supported

Re: [SHAME] Spam Rats

2013-01-09 Thread Mark Andrews
In message 50ee471c.7010...@utc.edu, Jeff Kell writes: On 1/9/2013 11:41 PM, Mark Andrews wrote: $GENERATE, as someone else pointed out, solves that problem for you? (Does it scale for IPv6? I can't recall - but surely this could be scripted too.) No. A /64 has 18,446,744,073,709,551,616

Re: [SHAME] Spam Rats

2013-01-09 Thread Nicolai
On Thu, Jan 10, 2013 at 12:58:59PM +1000, Julian DeMarchi wrote: This is the first RBL I have seen list a /24 for lack of PTRs. Maybe because it's redundant: a PTR check should be automatic on any incoming SMTP connection. Just think of all the traffic their survey tool generated in compiling

Re: [SHAME] Spam Rats

2013-01-09 Thread Rob McEwen
On 1/9/2013 9:58 PM, Julian DeMarchi wrote: There is an anti-spam company called Spam Rats[1] They have listed a /24 of my companies for lack of PTRs in the range I find SpamRats' lists helpful in spam filtering as a low scoring list because it puts some new emitters which haven't had time

Re: [SHAME] Spam Rats

2013-01-09 Thread Julian DeMarchi
On 01/10/2013 02:55 PM, Rob McEwen wrote: But if your information is accurate and I understand you correctly, then I agree that they shouldn't list the whole /24 in their PTR list if SOME of those IPs *do* have PTRs. My information is correct. The /24 is listed _only_ on the no-ptr list. ---

Re: [SHAME] Spam Rats

2013-01-09 Thread John Levine
No point. address - name - address doesn't work with wildcards. (Still an IPv6 implementation virgin, just curious :) ) If you want to do generic IPv6 rDNS for all your hosts, you're stuck with a variety of less than great possibilities. One is a stunt rDNS server that synthesizes the

Re: [SHAME] Spam Rats

2013-01-09 Thread Mark Andrews
In message 20130110053429.55493.qm...@joyce.lan, John Levine writes: No point. address - name - address doesn't work with wildcards. (Still an IPv6 implementation virgin, just curious :) ) If you want to do generic IPv6 rDNS for all your hosts, you're stuck with a variety of less than

Re: [SHAME] Spam Rats

2013-01-09 Thread John R. Levine
One is a stunt rDNS server that synthesizes the records on demand. (Bonus points for doing DNSSEC, too. Double bonus points for doing NSEC3.) NSEC3 is a waste of time in ip6.arpa or any similarly structured zone so -100 for doing NSEC3 and effectively doing a DoS attack against yourself and

Re: [SHAME] Spam Rats

2013-01-09 Thread Mark Andrews
In message alpine.bsf.2.00.1301100106560.55...@joyce.lan, John R. Levine writes: One is a stunt rDNS server that synthesizes the records on demand. (Bonus points for doing DNSSEC, too. Double bonus points for doing NSEC3.) NSEC3 is a waste of time in ip6.arpa or any similarly

Re: [SHAME] Spam Rats

2013-01-09 Thread Måns Nilsson
Subject: Re: [SHAME] Spam Rats Date: Thu, Jan 10, 2013 at 03:50:37PM +1100 Quoting Mark Andrews (ma...@isc.org): In message 50ee471c.7010...@utc.edu, Jeff Kell writes: Can you wildcard it? No point. address - name - address doesn't work with wildcards. OTOH, if the requirement is must