Jason Bertoch wrote:
-----Original Message-----
From: Kris Deugau [mailto:[EMAIL PROTECTED]
Sent: Tuesday, September 23, 2008 3:27 PM
To: users
Subject: Re: New free blacklist: BRBL - Barracuda Reputation Block List
IMO there's little excuse not to have *some* kind of rDNS on
every single IP delegated from ARIN, RIPE &c. ("We just got assigned a
new /20 and we haven't set them up yet" is one such valid excuse. <g>)
I must disagree on this note. I look forward to the day when we can
confidently use the absence of rDNS to identify hosts not authorized to send
mail directly to external hosts.
This is not going to happen.
As a result of this belief, I do not
assign rDNS to any of my customers' IP's until they request one for mail
hosting or other legitimate reasons. My hope is that if any of my customers
get infected they will trigger Botnet or other rules that target the absence
of rDNS.
It is better to assign an easily distinguished rDNS. something like
4-3-2-1.user.example.com
so that people can simply block .user.example.com if they want (don't
use complex forms. make it easy to block a domain and its subdomains).
