On Wed, Oct 30, 2013 at 12:12 PM, Nolan Rollo <nrollo@kw-corp.com> wrote:
RFC draft-msullivan-dnsop-generic-naming-schemes-00.txt states: When using IP addresses in host names, their numbers SHOULD be separated by '.'s (dots) rather than any meta character such as a '-' (dash) and expressed in decimal. Host names SHOULD NOT use the '_' (underscore) character, host names for hosts with any form of SMTP mail service MUST NOT use the '_' (underscore) character. It is preferable to use the IP address in reverse format in the same way the IN-ADDR.ARPA. domain is defined.
Hi Nolan,

Although no longer strictly required by the DNS RFCs, names which follow these conventions are more likely to work with everyone else's DNS servers.

1. Use only English alphabetic characters (a-z, A-Z), numeric characters (0-9), the hyphen and the period.
2. The periods separate non-null sections of the name. You can't start a name with a period or have two periods side by side.
3. Start each section of the name with a letter, not a number or hyphen.
4. Two hyphens can't be side by side, nor can a hyphen start or end a section of the name.

Finally, the cardinal rule of reverse dns: whatever name the address resolves to must resolve back to the address. If you don't do that, you're basically asking for a whole bunch of servers on the Internet to reject your connections.

So:

13.12.11.10.in-addr.arpa PTR bob.examplecompany.com.
bob.examplecompany.com. A 10.11.12.15

is wrong (13!=15) and will cause your users problems!

Also, if you omit the A record and simply have the PTR record, that too will cause your users problems. If you omit the A record, you should also omit the PTR record and let the address stand without DNS.
Actual Examples:
cpe-67-XX-XX-XX.stny.res.rr.com - 67.XX.XX.XX
d28-XX-XX-XX.dim.wideopenwest.com - 28.XX.XX.XX
c-68-XX-XX-XX.hsd1.mi.comcast.net - 68.XX.XX.XX
24-XX-XX-XX.static.bycy.mi.charter.com - 24.XX.XX.XX
All of these examples are fine provided the forward DNS (A record) matches.
Which finally brings me to my questions: It seems like the unspoken de facto that mail admins appreciate given the IP 203.0.113.15 is "203-0-113-15.[type].[static/dynamic].yourdomain.tld". This seems perfectly acceptable, it's short, detailed and to the point. Is there really anything bad about this?
This is mainly for the benefit of the folks who run RBLs or other mail reputation services. They use this information when classifying the source and grouping sources into netblocks. If you take the time to distinguish your intended mail servers from your dialup address pool they'll try not to include your mail server when they ban mail directly from your dialup address pool. It's more a human factors question than supporting any automation. You're hoping that by explaining your network to the antispammers they'll cut you some slack when one of your doofus users gets pwned by a spam bot. Many will. Some won't.
What, if any would you name a network, gateway, broadcast address? Should the PTR be empty?
Pretty much whatever you want or nothing at all. If it doesn't originate packets then nobody out there cares what it's named.

Regards,
Bill Herrin

-- 
William D. Herrin ................ herrin@dirtside.com bill@herrin.us
3005 Crane Dr. ...................... Web: <http://bill.herrin.us/>
Falls Church, VA 22042-3004
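
The PTR/A consistency rule and the four naming conventions from the reply above, as an added example that is not part of the original message: an offline check over zone records before they are published. The first PTR/A pair is the mismatch from the message; the other records and all function names are constructed for illustration.

```python
import ipaddress
import re

# Conventions 1, 3, 4: letters/digits/hyphens, leading letter, no doubled or trailing hyphen.
LABEL = re.compile(r"^[A-Za-z](?:[A-Za-z0-9]|-(?=[A-Za-z0-9]))*$")

def bad_labels(name):
    """Return the labels of `name` that break the conventions (empty labels: rule 2)."""
    if name.endswith("."):
        name = name[:-1]          # one trailing dot marks the root, not an empty label
    return [label for label in name.split(".") if not LABEL.match(label)]

def arpa_to_ip(owner):
    """'13.12.11.10.in-addr.arpa' -> IPv4Address('10.11.12.13')."""
    octets = owner.rstrip(".").split(".")[:4]
    return ipaddress.IPv4Address(".".join(reversed(octets)))

def check_zone(ptr_records, a_records):
    """Map each reverse owner name to a verdict on whether its name resolves back."""
    forward = {}
    for name, addr in a_records:
        forward.setdefault(name.rstrip(".").lower(), set()).add(ipaddress.IPv4Address(addr))
    verdicts = {}
    for owner, target in ptr_records:
        addrs = forward.get(target.rstrip(".").lower(), set())
        if not addrs:
            verdicts[owner] = "PTR without A"
        elif arpa_to_ip(owner) not in addrs:
            verdicts[owner] = "A does not point back"
        elif bad_labels(target):
            verdicts[owner] = "matches, name breaks conventions"
        else:
            verdicts[owner] = "ok"
    return verdicts

# First PTR/A pair is the mismatch from the message; the rest are constructed samples.
PTRS = [("13.12.11.10.in-addr.arpa", "bob.examplecompany.com."), ("14.12.11.10.in-addr.arpa", "mail.examplecompany.com."),
        ("16.12.11.10.in-addr.arpa", "orphan.examplecompany.com."), ("17.12.11.10.in-addr.arpa", "host_17.examplecompany.com.")]
AS = [("bob.examplecompany.com.", "10.11.12.15"), ("mail.examplecompany.com.", "10.11.12.14"),
      ("host_17.examplecompany.com.", "10.11.12.17")]

if __name__ == "__main__":
    for owner, verdict in check_zone(PTRS, AS).items():
        print(owner, "->", verdict)
```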