Variable SOAs in negative responses

John Levine johnl at iecc.com
Tue Jan 28 22:08:08 UTC 2014


>>For addresses that aren't listed, some of the NXDOMAINs are a lot less
>>likely to change than others, e.g., the address of an outbound mail
>>server at a large mail provider is unlikely ever to be listed, but a
>>random host at a hosting provider in India, who knows.  So he'd like
>>to have the TTLs on some of those NXDOMAINs be longer than others, by
>>putting a different TTL in the SOA in the authority section.
>
>If you know those IPs, why do you check them for being listed at all?

The DNSBL operator knows the IPs belong to large mail providers.  The
clients don't, and are checking them because they're getting mail from
them.


>If any IP starts spamming, why give it a longer time to appear in the
>blacklists? I don't think this makes sense at all...

Most DNSBLs try to avoid false positives.  The chances that Gmail (or
whoever) would suddenly start sending so much spam that it would swamp
the real mail and make them worth listing are extremely low.

I realize there are DNSBLs that list on the merest whiff of spam and
don't care if they block legitimate mail.  That's not what we're
talking about here.

R's,
John
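
One way to implement the per-IP negative TTL John describes, as an added example that is not code from the post or from BIND; the zone name, netblocks and TTL values are constructed, and the caching rule follows RFC 2308 (a resolver keeps an NXDOMAIN for the lesser of the SOA record's TTL and its MINIMUM field):

```python
# Added example (not from the thread): choosing the SOA TTL that a DNSBL's
# authoritative server puts in the authority section of an NXDOMAIN, so that
# "stable" unlisted IPs are negatively cached longer than unknown ones.
# Assumes RFC 2308 semantics: negative cache time = min(SOA TTL, SOA MINIMUM).
# Zone name, netblocks and TTL values are constructed for illustration.
import ipaddress

ZONE = "dnsbl.example"        # hypothetical DNSBL zone
SOA_MINIMUM = 86400           # MINIMUM field of the zone SOA; caps every negative TTL
DEFAULT_NEG_TTL = 300         # short: an unknown host may get listed soon
LONG_NEG_TTL = 86400          # long: big mail providers are unlikely ever to be listed

# Constructed netblocks standing in for large mail providers' outbound servers.
STABLE_NETBLOCKS = [ipaddress.ip_network("192.0.2.0/24"),
                    ipaddress.ip_network("198.51.100.0/25")]


def dnsbl_query_name(ip: str, zone: str = ZONE) -> str:
    """Build the DNSBL lookup name: reversed IPv4 octets under the zone."""
    octets = ipaddress.IPv4Address(ip).exploded.split(".")
    return ".".join(reversed(octets)) + "." + zone + "."


def soa_ttl_for(ip: str) -> int:
    """SOA TTL to send in the authority section of the NXDOMAIN for this IP."""
    addr = ipaddress.ip_address(ip)
    if any(addr in net for net in STABLE_NETBLOCKS):
        return LONG_NEG_TTL
    return DEFAULT_NEG_TTL


def negative_cache_ttl(soa_ttl: int, soa_minimum: int = SOA_MINIMUM) -> int:
    """How long a resolver caches the NXDOMAIN (RFC 2308, sections 3 and 5)."""
    return min(soa_ttl, soa_minimum)


def nxdomain_authority(ip: str) -> dict:
    """The authority-section SOA an authoritative DNSBL server would return
    for an unlisted IP, with the per-IP TTL applied."""
    ttl = soa_ttl_for(ip)
    return {
        "qname": dnsbl_query_name(ip),
        "rcode": "NXDOMAIN",
        "soa_ttl": ttl,
        "soa_minimum": SOA_MINIMUM,
        "cached_for": negative_cache_ttl(ttl),
    }
```

Because resolvers take the minimum of the two values, the zone's SOA MINIMUM must be at least as large as the longest negative TTL you intend to hand out, or the longer per-IP TTL is silently clipped.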


More information about the bind-users mailing list