[plug] dns reverse lookup

Craig Foster craig at fostware.net
Thu Sep 20 12:29:11 WST 2007



> -----Original Message-----
> From: plug-bounces at plug.org.au [mailto:plug-bounces at plug.org.au] On
> Behalf Of Peter Sutter
> Sent: Thursday, 20 September 2007 12:05 PM
> To: plug at plug.org.au
> Subject: Re: [plug] dns reverse lookup
> 
> On Thursday 20 September 2007 09:40, Craig Foster wrote:
> > >
<snip>
> > Correct. iiNet still have reverse DNS entries on dynamic IP, along
> the
> > lines of 203-59-14-16.dyn.iinet.net.au
> > Maybe the DNS server on the clients systems is running slow... How
> quick
> > does host or nslookup work on these boxes?
> >
> > Craig F.
> 
> No, it has nothing to do with dns on clients. iinet has a new address
> range, a
> B Class in 124.169.0.0 and started to dish out these addresses on
> Monday.  A
> nslookup results in
> ** server can't find 106.45.169.124.in-addr.arpa: NXDOMAIN
> 
> I have spoken to iinet and they blankly refuse to add reverse dns to
> this
> address range. If you want reverse dns, you need a static IP address
> which
> will cost more money. iinet considers reverse dns lookups as a
security
> risk,
> a view which I disagree with. I think that reverse lookup is a legal
> way to
> do some basic authentication, a hurdle which catches most spammers and
> phishers.
> 
<snip>
> 
> The consequences of this policy are that half the services offered by
> the
> internet will not be available for iinet users with dynamic IP
> addresses (if
> they get an IP address in the new 124.169.0.0 range. And most of these
> services are available under Linux only. Is this an intended bias?
> 
> Peter

I asked the wrong question, but got the answer I was looking for (re
106.45.169.124.in-addr.arpa: NXDOMAIN). 

I think that iitechie is slightly full of it... It'll slow their own
mail server down as it tries to lookup the client address for the
headers :/

I'm not surprised that iiNet won't do a specific reverse dns, however
their usual procedure is to create a bulk PTR lookup zone *before* the
range goes live... Someone dropped the ball, and my sources inside
aren't answering their mobiles.

CraigF.



More information about the plug mailing list