To:
DNSOP WG <dnsop@cafax.se>
From:
Markus Stumpf <maex-lists-dns-ietf-dnsop@Space.Net>
Date:
Tue, 10 Dec 2002 12:31:36 +0100
Content-Disposition:
inline
Sender:
owner-dnsop@cafax.se
User-Agent:
Mutt/1.2.5.1i
Subject:
DNS abuse handling/complaining strategies
Sorry if this is not fully on topic, but I couldn't find any documents
or a IMHO better place to ask.
We have the problem that your nameservers sometimes get flooded by queries
a) misconfigured DNS delgations
b) through broken resolver libraries
Currently this happens through
0.138.20.68.in-addr.arpa. 2H IN NS ns3.dns.space.net.
0.138.20.68.in-addr.arpa. 2H IN NS ns1.ameritech.net.
0.138.20.68.in-addr.arpa. 2H IN NS ns2.ameritech.net.
0.138.20.68.in-addr.arpa. 2H IN NS ns.space.net.
I don't know why Ameritech thinks two of our DNS server should be
AUTH for that netblock.
I have mailed the usual places (SOA contact, abuse@ameritech.net) more
than one time within the last 14 days but all I got back were robot answers.
We see a few thousands of queries per day. As the queries come from all over
the world we cannot simply block/filter them.
What would be the best strategy to get the problem fixed, i.e. misconfigured
delegation and non-responsive contacts?
- Add the zone and setup PTRs like we.are.clueless.ignorants.<isp-domain>
- Write the RIR (i.e. ARIN) and ask them to remove the delegation for
20.68.in-addr.arpa? Would/should the RIR take (such) actions?
What are others doing?
Thanks,
\Maex
P.S. Ameritech is not the only one causing this kinda problems. But the
others usually react if one gets obtrusive enough.
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"
#----------------------------------------------------------------------
# To unsubscribe, send a message to <dnsop-request@cafax.se>.