Re: [anti-spam-wg] Fwd: IRT abuse-mailbox things...
-
From: Peter Koch pk@localhost
-
Date: Thu, 8 Feb 2007 20:27:13 +0100
On Thu, Feb 08, 2007 at 06:30:16PM +0100, Martin Neitzel wrote:
> Is an RP entry for a domain name supposed to have coverage about
> its sub-domain unless more specific entries exist? In other words:
> If foo.bar.example.com is source of some trouble but doesn't have an
> RP RR, and neither does bar.example.com, would it be OK to contact
> an RP for example.com? (Same situation for in-addr, of course.)
RFC 1183 is silent about this as it is silent about other aspects of the
RP RR. For example, it does not say whether RP is more like an admin-c
or a tech-c or other distinctions that were made after 1990.
It does not talk about applying RP to whole domains (other than saying
that RP is not only for the leaves) and it does not say anything about
RP being applied in the IN-ADDR tree. That doesn't prohibit its use
there, but just there is no "resolution context".
To answer your question: DNS tree climbing is generally a bad idea, unless
you definitely know something about the hierarchy in the particular namespace.
In IN-ADDR you'd likely end up at the ISP or even the RIR, where the latter
is probably a bad addressee and usually has no "responsibility" for the
hosts or networks you were initially looking for.
In the forward DNS space DNS hierarchy does neither imply nor follow
administrative hierarchy, so you may end up at a completely wrong
destination, as well.
-Peter