Now that the noise level (SQLSlammer) is down: It looks like AT&T put the finger back into the dike on this for now: You don't really want your customer service call center get flooded by two issues at once: http://www.internet-magazine.com/news/view.asp?id=3110 On 1/24/2003 at 7:16 PM, sean@donelan.com wrote:
In the good old days, when network engineers used VT100 terminals and 300 baud (not bps) acoustic modems, ftp.uu.net enforced the requirement for "valid" reverse and forward DNS entries for anonymous FTP access.
It was the single most important source for files on the Internet, along with maybe SIMTEL-20 : you couldn't get around it, no matter how hard you tried. Fast forward 10 years: would you even dare to put "HostnameLookups yes" into your Apache config? Not if you don't feel like having well-populated DNS caches useful to you for some other purpose, you don't. A purely operational configuration choice.
Doesn't anyone else find it funny when people scream that ISPs should block ports and shoot people with misconfigured systems; yet when an ISP actually does enforce even a modest requirement; people start screaming how unfair or stupid that ISP is for doing that.
We sure all hate tracerouting through APNIC space, and seeing up to 12 routers in a row without reverse DNS - to the point where one could believe that noone in Korea ever heard of the in-addr.arpa zone : Apart from AT&T having the "left hand/right hand" (hypocritic) problem with being service providers to spammers on one hand, and aching under the receiving load of it on the other: Good intentions, but failed to even do a basic Google search to see how other people fared with this, let alone running a test and labelling incoming mails rather than blocking them. Now to toss a bit more oil into the fire: "unknown.level3.net" , anyone ? And remember: it's not neglience, it's Level3's secret "handshake", telling you that the block in question should be filtered by you at any cost :)