
Re: [Asrg] rDNS



>>> As an anti-abuse effort, some providers [...] do not accept
>>> connections without a reverse DNS entry being found.
> This used to be typical of FTP servers in the '80s.  However, some
> feedback loop providers apparently make use of it today.

As do various others - my mailserver, for example, will not accept mail
from hosts with missing or broken rDNS.

> IMHO, synthesizing information on that basis is symptomatic of
> technologies in their infancy being desperately greedy for data they
> cannot obtain [otherwise].

"Synthesizing" information?  What's synthetic about (paraphrased) "your
rDNS is missing or broken, so I won't listen to you"?

>>> As a result, these providers may be unable to communicate with some
>>> organizations or geographic regions.
>> Right.  So?  Someone who doesn't tolerate dashes in domain names
>> won't be able to communicate with rodents-montreal.org, either.
> I never heard about dash-intolerants.  Are you kidding?

Not in the sense you probably mean.  The "As a result" quote appeared
to be citing this as a problem with rejecting based on missing rDNS; my
point was just that it isn't necessarily so, that just because two
sites make choices that, combined, mean they can't communicate does not
make either of those choices inherently wrong.  Dash intolerance was
just a somewhat-over-the-top example of one such choice (the paired
other choice being my choice to use a domain with a dash in it).

>>> Who is wrong, because in the case of email, reverse DNS is clearly
>>> being misused.
>> It's not clear to me that anyone is wrong there, nor that rDNS is
>> being misused.
> Much like whois, rDNS is being used in relation with the possibility
> to individuate who, if any, is responsible for running a host at the
> given address.

Sometimes.  Sometimes, as in my own case, it's not so much because it
tells me who's responsible as because it correlates with having clue
(thereby being less likely to be a problem).

> DNSBLs, certificates, reputation, etcetera, all rotate around
> allocations of those IP numbers, but rDNS dependence reveals
> unreadiness for a truly virtual environment: What if _all_ IPs were
> dynamic?

What if they were?  Those who care about such things would presumably
update their DNS as they assign and reclaim IPs.  At worst, rDNS
checking might become useless.  Neither possibility means there's
anything wrong with using it now.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse at rodents-montreal.org
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
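
Added example, not part of the original message and not the poster's actual mail server configuration: one way to implement the "missing or broken rDNS" check discussed above, as a forward-confirmed reverse DNS test. The reading of "broken" (no PTR name resolves back to the connecting address), the function names, the reply strings and the sample records are all assumptions made for illustration.

```python
import ipaddress
import socket

def _system_ptr(ip):
    """PTR names for ip via the system resolver; [] when none exist."""
    try:
        name, aliases, _ = socket.gethostbyaddr(ip)
        return [name, *aliases]
    except OSError:
        return []

def _system_addrs(name):
    """A/AAAA addresses for name via the system resolver; [] on failure."""
    try:
        return [ai[4][0] for ai in socket.getaddrinfo(name, None)]
    except OSError:
        return []

def check_rdns(ip, ptr_lookup=_system_ptr, addr_lookup=_system_addrs):
    """Classify a client address as 'ok', 'missing' or 'broken'."""
    # Assumption: 'broken' means no PTR name resolves forward to the client IP.
    client = ipaddress.ip_address(ip)
    names = [n.rstrip(".").lower() for n in ptr_lookup(ip)]
    if not names:
        return "missing", None
    for name in names:
        for addr in addr_lookup(name):
            try:
                if ipaddress.ip_address(addr.split("%")[0]) == client:
                    return "ok", name
            except ValueError:
                continue  # resolver returned something that is not an address
    return "broken", names[0]

def smtp_reply(ip, **lookups):
    """Map the classification to an illustrative SMTP-style reply line."""
    status, name = check_rdns(ip, **lookups)
    if status == "ok":
        return f"220 accepted, rDNS {name}"
    return f"554 rejected, rDNS {status} for {ip}"

# Constructed sample data (documentation address ranges), not real DNS records.
PTR = {"192.0.2.10": ["mail.example.org."], "192.0.2.20": ["host.example.net"]}
FWD = {"mail.example.org": ["192.0.2.10"], "host.example.net": ["198.51.100.7"]}
SAMPLE = {"ptr_lookup": lambda ip: PTR.get(ip, []),
          "addr_lookup": lambda n: FWD.get(n, [])}

if __name__ == "__main__":
    print([smtp_reply(ip, **SAMPLE) for ip in ("192.0.2.10", "192.0.2.20", "203.0.113.5")])
```

Called without the `SAMPLE` lookups, `check_rdns` uses the system resolver, so a temporary DNS failure is reported the same way as a missing record.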