This archive is retained to ensure existing URLs remain functional. It will not contain any emails sent to this mailing list after July 1, 2024. For all messages, including those sent before and after this date, please visit the new location of the archive at https://mailman.ripe.net/archives/list/[email protected]/
[dns-wg] Re: Swedish ISP TCD Song Adopts DNSSEC
- Previous message (by thread): [dns-wg] Re: Swedish ISP TCD Song Adopts DNSSEC
- Next message (by thread): [dns-wg] Swedish ISP TCD Song Adopts DNSSEC
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Max Tulyev
president at ukraine.su
Tue Feb 27 11:50:59 CET 2007
Doug Barton wrote: > Max Tulyev wrote: >> We (NetAssist, Kiev, Ukraine) did it a year ago (RIPE backresolve, .se, >> .ru, .net, .com as well as ISC's DLV checking). > > I think this is a great move. Have you had any feedback from your users? Common users didn't notify any differences. But some of experienced ones notified slightly increased time of resolve. I notified significant decrease of spam. > How is the information about whether the RRsets are signed and/or > validated, or not, getting back to the clients? IOW, if I'm a piece of > anti-spam software, how do I know that the answer I received is signed > and validated? If you are just resolver client and someone trying to cheat backresolve tests - you'll get this IP is just not resolved. And of course, you can use libraries such as http://www.net-dns.org/ For me, failed DNSSEC validation of DNS resolve (including DNS BL tests) is the enough argument to drop that mail as the spam or fraud. By the way, is there any tools and/or log analyzers to gather and analyze some statistics about DNSSEC working on my servers? -- WBR, Max Tulyev (MT6561-RIPE, 2:463/253 at FIDO)
- Previous message (by thread): [dns-wg] Re: Swedish ISP TCD Song Adopts DNSSEC
- Next message (by thread): [dns-wg] Swedish ISP TCD Song Adopts DNSSEC
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
[ dns-wg Archives ]