Re: ICANN opens up Pandora's Box of new TLDs

• From: Rich Kulawiec
• Date: Sat Jun 28 12:06:21 2008

• List-archive: <http://mailman.nanog.org/pipermail/nanog>
• List-help: <mailto:[email protected]?subject=help>
• List-id: North American Network Operators Group <nanog.nanog.org>
• List-post: <mailto:[email protected]>
• List-subscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=subscribe>
• List-unsubscribe: <http://mailman.nanog.org/mailman/listinfo/nanog>, <mailto:[email protected]?subject=unsubscribe>

On Sat, Jun 28, 2008 at 01:56:53PM +0200, Phil Regnauld wrote:
> Rich Kulawiec (rsk) writes:
> > 
> > Best practice is refuse all mail that comes from any host lacking rDNS,
> > since that host doesn't meet the minimum requirements for a mail server.
> 
> 	No, that's utterly stupid.  You're excluding countries which have
> 	poor infrastructure or clueless ISPs (usually legacy telco operators)
> 	who can't be bothered to administrate IN-ADDR.ARPA delegations for
> 	their customers. 

I don't see a problem with not accepting mail from clueless ISPs or their
customers.  The requirement for rDNS has been around for decades.
Anyone who's not aware of it has no business running a mail server.

> Millions of botnet PCs have valid reverses.

Yes, I'm well aware of this, especially since I was AFAIK one of the first
people to document the use of botnet PCs to send spam.  And of course
That's why this particular measure doesn't work for them, but other
best practices do, e.g., rejecting mail from known-dynamic/generic IP space
or known-dynamic/generic namespace unless it's your own customer or is
being submitted with authentication non-port 25
> 
> > Yes, some of these also impact non-spamming but broken mail servers,
> > however, this is usually the only way to get the attention of their
> > operators and persuade them to effect repairs.
> 
> 	You're kidding, right ?  They don't give a rat's ass.

Then they should not be troubled that their mail is being rejected.

> > Locally, .name, .info and .tv are permanently blacklisted, and I recommend
> > this to others: they're all heavily spammer-infested.  .biz is not
> > blacklisted at the moment, largely because it's been so badly ravaged
> > that spammers *appear* to be abandoning it.
> 
> 	"Bomb the bridge, salt the earth" approach ?

I'm not the one of the people who thought .info was a good idea (what,
domains in other TLDs don't provide "information"?)  I'm not the one
who decided to sell domains in that TLD to spammers by the tens of
thousands, thus effectively devaluing it for everyone else.  I'm not
the one responsible for failure to enforce any meaningful requirements
on registrars to control abuse by their customers.  And so on.

I suggest laying blame on the people who are responsible for the current
state of affairs, not on the recipients of abuse.

---Rsk

• Follow-Ups:
  • Re: ICANN opens up Pandora's Box of new TLDs Phil Regnauld

• References:
  • RE: ICANN opens up Pandora's Box of new TLDs michael.dillon
  • Re: ICANN opens up Pandora's Box of new TLDs John Levine
  • Re: ICANN opens up Pandora's Box of new TLDs Alexander Harrowell
  • Re: ICANN opens up Pandora's Box of new TLDs David Conrad
  • Re: ICANN opens up Pandora's Box of new TLDs Rich Kulawiec
  • Re: ICANN opens up Pandora's Box of new TLDs Phil Regnauld

• Prev by Date: Re: Expired SSL cert for mms.nexteldata.net
• Next by Date: Re: ICANN opens up Pandora's Box of new TLDs
• Date Index
• Thread Index
• Author Index
• Historical