[dns-operations] DNS greylisting?
fw at deneb.enyo.de
Tue Mar 7 22:01:17 UTC 2006
* Gadi Evron:
>> The idea is to use SYN cookies to whitelist "good" addresses,
>> without keeping too much state servers-side. You can use CNAME RRs
>> to implement pure UDP-based cookies, by the way. (Riverhead
>> applied for a patent on such techniques, IIRC.)
> Is SPF for DNS next?
To prevent things like the kimble.org fiasco? I don't think the
community as a whole cares much about the right-hand side of DNS
records. This applies to other RHS issues, too, like lame delegations
and bogus authoritative name servers for some TLDs.
More information about the dns-operations