North American Network Operators Group|
Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical
Identifying IP address types
On Sun, 15 Feb 2004 [email protected] wrote: > On Sun, 15 Feb 2004 17:46:05 EST, Sean Donelan said: > > What if I told you about a method to identify the type of connection for > > every IP address in our DNS? You don't need to rely on third-party DUL > > lists. > > Hmm.. color me dubious, but keep talking. Best bet here would probably be > some interesting abuse of PTR records? You wouldn't be too far off. It depends on whether you consider the ISP a cooperative partner or a hostile participant. Not only are 3rd party block lists often out-of-date and difficult to update, the public has a hard time understanding the difference between an ISP voluntarily listing their IP addresses in a DUL list and being labelled a "spam haven" because their IP addresses are in a block list. If you assume the ISP wants to help (which you also have to assume for a port 25 blocks to work), how can an ISP provide first-party information about the status of an IP address on demand to anyone? My idea is to follow the RFC1101 example. PTR records already have other uses and requirements. So I suggest using another record type which doesn't have a current meaning in the reverse DNS. Instead use something like a HINFO record. 188.8.131.52.in-addr.arpa in ptr some1.example.net in hinfo Dynamic Dialup 184.108.40.206.in-addr.arpa in ptr some2.example.net in hinfo Static xDSL The ISP (or really the network administrator for the network block) is in the best position to know how the IP addresses are managed. The netadmin can keep the HINFO records up to date, or correct the record if they are incorrect. You don't need to guess which DUL maintainer contains records for various networks or worry about a DOS attacks on a few DNS servers affecting mail service globally. You always query the network administrator's DNS servers when you receive a connection from an IP address for information about that IP address.