[Asrg] deployment speed
Hoi,
the speed of deployment is an important factor for each general antispam
strategy. Peter Koch does the regional hostcount for DE domains for
RIPE. I have asked him to count MX records and if he can normalize
them to unique IP addresses. Following is his result (also posted to the
MARID list).
With
7600000 ~ number of 2nd level DE domains
compared to
144582 non-bogus IP addresses
used as MX hosts (and assuming that MX hosts and sending MTA are in the
same order of magnitude) it is quite evident that the deployment of a
strategy that tries to authorize MTAs with records in domain zones
will be a lot more complicated and slower than a scheme that manages
to authorize MTAs per se.
Here's the original email:
----- Forwarded message from Peter Koch <pk at TechFak.Uni-Bielefeld.DE> -----
Date: Wed, 16 Jun 2004 22:07:08 +0200
To: IETF MARID WG <ietf-mxcomp at imc.org>
From: Peter Koch <pk at TechFak.Uni-Bielefeld.DE>
Subject: Re: MTAmark (was: Reality check please)
Markus Stumpf wrote:
> I am currently trying to contact people in DE. Peter Koch who is doing
> the monthly DNS host count for DE domains is willing to add a check for
> MX hosts and will provide information about the number of unique (based
> on IP address) MX server used for DE domains.
Starting with 11291065 MX RRs coming out of this month's DE hostcount (see
http://www.TechFak.Uni-Bielefeld.DE/~pk/dns/hostcount/latest.html or
http://www.ripe.net/ripencc/pub-services/stats/hostcount/ for information on
what it is and how it works), the individual MX targets were identified,
bogus ones deleted and the remaining ones were fed to a resolver to find the
number of unique IP addresses:
  11291065   MX RRs
   7600000 ~ number of 2nd level DE domains
             <http://www.denic.de/en/domains/statistiken/>
   1058962   unique MX RR targets
   1057546   valid MX RR targets (no '.', IP addresses, ...)
    146224   unique IP addresses after resolving MX RR target names
    144582   non-bogus IP addresses (ignoring RFC 1918 addresses,
             unallocated address space, multicast, ...)
Some remarks:
o Targets may reside both inside and outside DE.
o Some larger address space holders ("class B", universities etc) tend
  to define MX RRs for almost all of their systems/addresses, sometimes
  including dialin lines etc. Since MX is inbound only this may have an
  adverse effect on the guesstimate for the proposal mentioned in the
  subject line.
o The 144582 addresses belong to 26552 /24 address ranges.
o Approx. 75% of the addresses identified do have a working reverse
  mapping (lead to one or more PTR RRs), the rest either yields NXDOMAIN
  or has resolving problems (timeout, SERVFAIL). For NXDOMAIN I didn't
  further differentiate 'not delegated' vs. 'not named in zone'.
o Viewing /24 zones (and ignoring RFC 2317 for the sake of simplicity)
  80% of the /24's covered by the IP addresses found do have a working
  reverse mapping.
So, this is just the data, I'm taking no position whether or not these
figures can be used to calculate/estimate the number or percentage of
``legitimate'' outbound SMTP clients.
-Peter
----- End forwarded message -----
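
The counting steps described in the forwarded message (unique MX targets, valid targets, unique addresses, non-bogus addresses, /24 ranges), as an added example that is not part of the original post and not the tooling used for the host count. The sample RRs, the stand-in resolver table and the function names are constructed for illustration; the check for unallocated address space is left out because it needs a registry snapshot.

```python
import ipaddress

# Fixed ranges the count ignores. "Unallocated" space is not checked here
# (assumption: that would need a registry snapshot). IPv4 only.
BOGUS_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",  # RFC 1918
    "224.0.0.0/4",                                     # multicast
    "127.0.0.0/8", "0.0.0.0/8", "169.254.0.0/16",      # loopback, this-net, link-local
)]

# Constructed sample: (domain, MX target) pairs and a stand-in resolver table.
MX_RRS = [
    ("a.example.de", "mail.hoster.example."),
    ("b.example.de", "mail.hoster.example."),
    ("c.example.de", "MAIL.hoster.example"),   # same target, different spelling
    ("d.example.de", "mx2.hoster.example."),
    ("e.example.de", "."),                     # bogus: root as target
    ("f.example.de", "192.0.2.25"),            # bogus: IP literal as target
    ("g.example.de", "mx.intern.example."),
    ("h.example.de", "mx.uni.example."),
]
RESOLVED = {
    "mail.hoster.example": ["192.0.2.10"],
    "mx2.hoster.example": ["192.0.2.10", "192.0.2.11"],  # shares one address
    "mx.intern.example": ["10.1.2.3"],                   # RFC 1918
    "mx.uni.example": ["198.51.100.7"],
}

def is_valid_target(name):
    """Reject the root/empty target and IP literals used as MX targets."""
    if not name:
        return False
    try:
        ipaddress.ip_address(name)
        return False
    except ValueError:
        return True

def count_mx_hosts(mx_rrs, resolved):
    """Reduce MX RRs to unique, non-bogus addresses and their /24 ranges."""
    targets = {t.rstrip(".").lower() for _, t in mx_rrs}
    valid = {t for t in targets if is_valid_target(t)}
    ips = {ipaddress.ip_address(a) for t in valid for a in resolved.get(t, [])}
    good = {ip for ip in ips if not any(ip in net for net in BOGUS_NETS)}
    nets24 = {ipaddress.ip_network(f"{ip}/24", strict=False) for ip in good}
    return {"mx_rrs": len(mx_rrs), "unique_targets": len(targets),
            "valid_targets": len(valid), "unique_ips": len(ips),
            "non_bogus_ips": len(good), "slash24": len(nets24)}
```

On the constructed sample, eight MX RRs collapse to three non-bogus addresses in two /24 ranges, the same kind of reduction the message reports for the DE zone.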