[PLUG] The problem with DNS blacklists...

Michael C. Robinson plug_1 at robinson-west.com
Wed Aug 17 06:20:53 UTC 2011


I'm experimentally rejecting unlisted IP addresses that don't reverse
resolve.  Probably the wrong thing to do, but how bad is this?  I've
noted that a few important sites don't reverse resolve.  What percentage
of sites on the Internet don't have a reverse PTR record and why?  Is it
legitimate for there to be no reverse record when one site is hosted on
the IP block of another?

I'm looking to keep what I'm doing simple where I want to do something
with the DNS infrastructure to make my spam wall stronger.  One thought
is to have a white list of IP addresses in cases where there
is no reverse name resolution.  I simply have to check the white list
prior to rejecting an IP for not being reverse listed.  This approach is
a patching approach though and patches make things more complex.
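
The check order described in the post (consult the white list first, reject for a missing PTR record only afterwards), as an added example that is not part of the original message. The function names, the sample addresses and the "defer on a temporary DNS failure" branch are assumptions of this sketch.

```python
import ipaddress
import socket

# Constructed allowlist using documentation ranges, not real senders.
ALLOWLIST = [ipaddress.ip_network(n) for n in ("192.0.2.0/28", "2001:db8:10::/48")]
H_TRY_AGAIN = 2  # resolver h_errno value for a temporary failure

def system_ptr_lookup(ip):
    """Return the PTR name for ip, or None when no reverse record exists."""
    try:
        return socket.gethostbyaddr(ip)[0]
    except socket.herror as exc:
        if exc.args and exc.args[0] == H_TRY_AGAIN:
            raise TimeoutError("temporary DNS failure") from exc
        return None

# Constructed resolver data so the example runs offline.
CONSTRUCTED_PTRS = {"198.51.100.7": "mail.example.org"}

def fake_ptr_lookup(ip):
    if ip == "203.0.113.99":
        raise TimeoutError("constructed resolver timeout")
    return CONSTRUCTED_PTRS.get(ip)

def check_client(ip, allowlist=ALLOWLIST, ptr_lookup=system_ptr_lookup):
    """Decide what to do with a connecting client IP.

    Returns (action, reason); action is "accept", "reject" or "defer".
    """
    addr = ipaddress.ip_address(ip)
    # 1. The allowlist wins before any DNS lookup is made.
    if any(addr.version == net.version and addr in net for net in allowlist):
        return ("accept", "allowlisted")
    # 2. A resolver outage is not proof of a missing record: defer, so a
    #    legitimate sender retries instead of bouncing (assumption of this sketch).
    try:
        name = ptr_lookup(str(addr))
    except TimeoutError:
        return ("defer", "reverse lookup failed temporarily")
    # 3. Reject only when the lookup succeeded and found no PTR.
    if name:
        return ("accept", "PTR " + name)
    return ("reject", "no PTR record")

if __name__ == "__main__":
    for ip in ("192.0.2.5", "198.51.100.7", "198.51.100.8", "203.0.113.99"):
        print(ip, check_client(ip, ptr_lookup=fake_ptr_lookup))
```

Keeping the allowlist as CIDR networks rather than single addresses covers the case of a site hosted on another party's IP block with one entry.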



