[NTLUG:Discuss] How does MAPS RBL work?
Chris J Albertson
alb at chrisalbertson.com
Wed Jul 2 14:20:51 CDT 2003
I did some digging.
First, they offer two types of server, as I kinda said in my original reply. one
is query, the other is zone transfer.
They offer the zone transfer to reduce response time (and I'm sure DNS load on
their servers). However, I would bet the transfer is pretty big, since it's the
entire list of IPs.
Their query option is just that, a direct query.
You make a good point about your primary DNS server doing the query of the
authoritative DNS server on behalf of the client and returning the results.
However, the contract that MAPS has you complete only asks for your mail server
IP address. This tells me that your IP address must ride on the UDP
communication for DNS queres.
That fact of the matter is that the IP address of the mail server must be
getting to the MAPS dns server so they can verify authenticity. There is no
documentation that tells you that you must change the primary DNS server of your
mail server to their server. I can't believe they would have you do this anyway,
because they have 5+ DNS servers running across the world for disaster recovery.
This would make a painful maintenance effort.
Here are some links for ya.
http://mail-abuse.org/feestructure.html
http://mail-abuse.org/rbl/usage.html
--
Chris Albertson
Owner - ChrisAlbertson.com (Actually, I rent, with an option to buy)
======================================================
^ You can find my PGP public key, ^
^ email server policy, and other misc "stuff" at.. ^
^ http://www.chrisalbertson.com. ^
======================================================
Quoting Neil Aggarwal <neil at JAMMConsulting.com>:
Chris:
I can list a set of IPs that are allowed to query a zone
in BIND, but here is the problem I see:
When any server wants to query DNS, it sends a query
to the DNS servers it is configured with. These are usually
local to it.
The local DNS server will then look up the DNS servers that
are authoritative for the zone and send a query to one
of them.
Here is the problem:
1. If I require all mail servers to change their nameservers
to the ones hosting the blacklist zone, there are two
problems:
a. This puts a requirement on the mailservers that I
would like to avoid.
b. Our DNS servers will be handling all DNS requests
for those servers, which means our DNS servers
will be handling more traffic than they should.
2. If I allow the ISPs mailservers to make queries to the
DNS blacklist, then it will be hard to enfore the
subscription of the blacklist since all customers
of that ISP will have access to the list.
That is why I am trying to figure out what MAPS did
to solve this issue.
Thanks,
Neil
--
Neil Aggarwal, JAMM Consulting, (972)612-6056, www.JAMMConsulting.com
FREE! Valuable info on how your business can reduce operating costs by
17% or more in 6 months or less! => http://newsletter.JAMMConsulting.com
> -----Original Message-----
> From: discuss-bounces at ntlug.org
> [mailto:discuss-bounces at ntlug.org] On Behalf Of Chris J Albertson
> Sent: Wednesday, July 02, 2003 12:47 PM
> To: discuss at ntlug.org
> Subject: Re: [NTLUG:Discuss] How does MAPS RBL work?
>
>
> mail-abuse.org does work with DNS lookups, but they are a
> for-profit group. They
> will let hobbyists use their stuff, but you need to sign a
> contract first.
> So, just flat-out doing DNS queries to them won't work.
> Also, it's been a bit since I looked into them, but I believe
> you need to do a
> DNS replicate with them, rather than a direct query.
>
> One way I can think that one would implement this would be by
> the use of BIND9+
> views. This would allow you to specify what IP addresses are
> able to query your
> domain.
>
> Good luck!
>
> --
> Chris Albertson
> Owner - ChrisAlbertson.com (Actually, I rent, with an option to buy)
>
> ======================================================
> ^ You can find my PGP public key, ^
> ^ email server policy, and other misc "stuff" at.. ^
> ^ http://www.chrisalbertson.com. ^
> ======================================================
>
>
> Quoting Neil Aggarwal <neil at JAMMConsulting.com>:
>
> Hello:
>
> We are running a DNS blacklist and want to also offer a subscription
> service like the MAPS RBL list at http://mail-abuse.org/
>
> Does anyone know how their system works?
>
> If I do:
> dig on 2.0.0.127.blackholes.mail-abuse.org
>
> I don't get an answer.
>
> Any ideas?
>
> Thanks,
> Neil
>
> --
> Neil Aggarwal, JAMM Consulting, (972)612-6056, www.JAMMConsulting.com
> FREE! Valuable info on how your business can reduce
> operating costs by
> 17% or more in 6 months or less! =>
> http://newsletter.JAMMConsulting.com
>
>
>
> _______________________________________________
> https://ntlug.org/mailman/listinfo/discuss
>
>
> -------------------------------------------------
> This email was sent from www.chrisalbertson.com
> using the IMP mailing program, part of the Horde suite
> of information management tools.
> http://horde.org/
>
>
_______________________________________________
https://ntlug.org/mailman/listinfo/discuss
-------------------------------------------------
This email was sent from www.chrisalbertson.com
using the IMP mailing program, part of the Horde suite
of information management tools.
http://horde.org/
More information about the Discuss
mailing list