DNSOP mailing list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: dnsop@cafax.se
From: Markus Stumpf <maex-lists-dns-ietf-dnsop@Space.Net>
Date: Tue, 26 Feb 2002 15:18:20 +0100
Content-Disposition: inline
In-Reply-To: <ilu1yf9xhnh.fsf@josefsson.org>; from simon+dnsop@josefsson.org on Tue, Feb 26, 2002 at 12:31:46AM +0100
Sender: owner-dnsop@cafax.se
User-Agent: Mutt/1.2.5i
Subject: Re: Minneapolis - agenda items please.

On Tue, Feb 26, 2002 at 12:31:46AM +0100, Simon Josefsson wrote:
> see how it harms anyone else but the people that put incorrect
> information in their own DNS zones.

Assume  example.com has a MX to mail.example.com and mail.example.com
has A 127.0.0.1.
You receive e.g. spam from @example.com and your mailserver tries do deliver
a bounce. I am sure there a lot of mailservers out there that will suffer
quite some harm (and did in the past).

Another example is section
     6.3 SMTP servers behind firewalls
I know lot of e.g. universities do this. Their faculties are somewhat
independant and want to maintain their own DNS and Mailservers, but
they have zillions of relay open workstations. So the computing staff
blocks port 25 incoming on the border routers and forces the departments to
add a lower priority MX gate.university. That way they don't have to maintain
static routing tables on the mailserver as gate.university delivers
via MX and does "the right thing". However this has a big impact
on the sending mailservers, as they never can reach the best prio MX,
time out and then backup. So it doesn't harm the DNS maintainers but
people that try to send email to that destination.

> Of course, the contents of the draft is good and everyone should
> understand and follow it, but doesn't everyone already?  Is there any
> point in caring about the people that doesn't?

Yes. Some people simply don't think of consequences or are too unexperienced.
Developers of software (e.g. mailservers) have a document of "bad things"
that can happen and may put workarounds in.
Thus I think it fits pretty well as a companion to
    1178 Choosing a Name for Your Computer
    1536 Common DNS Implementation Errors and Suggested Fixes
    1713 Tools for DNS debugging
    1912 Common DNS Operational and Configuration Errors
    2182 Selection and Operation of Secondary DNS Servers


	\Maex

-- 
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"

Follow-Ups:
- Re: Minneapolis - agenda items please.
  - From: Simon Josefsson <simon+dnsop@josefsson.org>
- Re: Minneapolis - agenda items please.
  - From: "Donald E. Eastlake 3rd" <dee3@torque.pothole.com>

References:
- Re: Minneapolis - agenda items please.
  - From: Philip Hazel <ph10@cus.cam.ac.uk>
- Re: Minneapolis - agenda items please.
  - From: Simon Josefsson <simon+dnsop@josefsson.org>

Prev by Date: Re: I-D ACTION:draft-ietf-dnsop-dontpublish-unreachable-03.txt
Next by Date: Re: Minneapolis - agenda items please.
Prev by thread: Re: Minneapolis - agenda items please.
Next by thread: Re: Minneapolis - agenda items please.
Index(es):
- Date
- Thread

Home | Date list | Subject list