nanog mailing list archives
Re: ICANN opens up Pandora's Box of new TLDs
From: Rich Kulawiec <rsk () gsp org>
Date: Sat, 28 Jun 2008 06:48:54 -0400
On Fri, Jun 27, 2008 at 01:40:03PM -0700, David Conrad wrote:
On Jun 27, 2008, at 5:22 AM, Alexander Harrowell wrote:Well, at least the new TLDs will promote DNS-based cruft filtration. You can already safely ignore anything with a .name, .biz, .info, .tv suffix, to name just the worst.Does this actually work? The vast majority of spam I receive has an origin that doesn't reverse map.
Best practice is refuse all mail that comes from any host lacking rDNS, since that host doesn't meet the minimum requirements for a mail server. After that, other sanity checks (such as matching forward DNS, valid HELO, proper wait for SMTP greeting, etc.) also knock out a good chunk of spam. Yes, some of these also impact non-spamming but broken mail servers, however, this is usually the only way to get the attention of their operators and persuade them to effect repairs. Beyond that, blocking of various gTLDs and ccTLDs and network allocations works nicely, depending on what your particular mix of inbound spam/not-spam is. Understanding of your own inbound mail mix is crucial to deciding which ones are viable for your operation. Locally, I've had .cn and .kr along with their entire network allocations blacklisted for years, and this has worked nicely; but clearly it wouldn't work well for, say, a major US research university. Locally, .name, .info and .tv are permanently blacklisted, and I recommend this to others: they're all heavily spammer-infested. .biz is not blacklisted at the moment, largely because it's been so badly ravaged that spammers *appear* to be abandoning it. ---Rsk
Current thread:
- Re: ICANN opens up Pandora's Box of new TLDs, (continued)
- Re: ICANN opens up Pandora's Box of new TLDs Alexander Harrowell (Jun 27)
- Re: ICANN opens up Pandora's Box of new TLDs Marshall Eubanks (Jun 27)
- Re: ICANN opens up Pandora's Box of new TLDs John Levine (Jun 27)
- Re: ICANN opens up Pandora's Box of new TLDs Marshall Eubanks (Jun 27)
- Re: ICANN opens up Pandora's Box of new TLDs David Conrad (Jun 27)
- Re: ICANN opens up Pandora's Box of new TLDs Randy Bush (Jun 27)
- Re: ICANN opens up Pandora's Box of new TLDs Jim Shankland (Jun 27)
- Re: ICANN opens up Pandora's Box of new TLDs Phil Regnauld (Jun 28)
- Re: ICANN opens up Pandora's Box of new TLDs Rich Kulawiec (Jun 28)
- Re: ICANN opens up Pandora's Box of new TLDs Robert E. Seastrom (Jun 28)
- Re: ICANN opens up Pandora's Box of new TLDs Rich Kulawiec (Jun 28)
- Re: ICANN opens up Pandora's Box of new TLDs Phil Regnauld (Jun 28)
- Re: ICANN opens up Pandora's Box of new TLDs Rich Kulawiec (Jun 28)
- Re: ICANN opens up Pandora's Box of new TLDs Phil Regnauld (Jun 28)
- Re: ICANN opens up Pandora's Box of new TLDs bmanning (Jun 28)
- RE: Mail Server best practices - was: Pandora's Box of new TLDs michael.dillon (Jun 28)
- Re: Mail Server best practices - was: Pandora's Box of new TLDs Phil Regnauld (Jun 28)
- RE: Mail Server best practices - was: Pandora's Box of new TLDs Frank Bulk - iNAME (Jun 28)
- Re: Mail Server best practices - was: Pandora's Box of new TLDs Jim Popovitch (Jun 28)
- Re: Mail Server best practices - was: Pandora's Box of new TLDs Jean-François Mezei (Jun 28)
- Re: Mail Server best practices - was: Pandora's Box of new TLDs Chris Owen (Jun 28)