North American Network Operators Group
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: what happens when you put a typo in a DNSBL server?

  • From: Steve Atkins
  • Date: Wed Jan 17 11:36:33 2007


On Jan 16, 2007, at 8:36 AM, Wes Hardaker wrote:



A number of ISPs use njabl.org as a DNS BL server.  However, starting
jan 2 a new domain exists "njalb.org" which is serving A records for
anything queried against it's DNS server.  (note the difference: njaBL
vs njaLB). Previous to this date a misconfigured ISP was just not
being protected by the BL.  Now, it's potentially dropping all mail
from anyone because of the typo.


If you screw up your mail configuration, you'll lose email.

I'm more concerned about the deluge of DNS queries caused
by people who randomly punch strings into their mailfilters
and cause quite a lot of traffic to third party DNS servers.

When I see people doing that to my DNS servers, I add
a wildcard record in the hope that they'll notice. The worst case is
when they're hitting the (non-existent) blacklist just to get
a value to feed into something like spamassassin that will
proceed to deliver the mail anyway.

There are de-facto standards that will prevent all this
happening, but the writers of spam filters are (as far
as I know, without exception) too stupid or too lazy
to take advantage of this.

Cheers,
  Steve