[dns-operations] email address in SOA

Michele Neylon :: Blacknight michele at blacknight.com
Mon Dec 10 14:46:46 UTC 2012 

If anyone has any actual evidence of SOA data being used for spam I'd love to see it .. 


--
Mr Michele Neylon
Blacknight Solutions
Hosting & Colocation, Brand Protection
http://www.blacknight.com/
http://blog.blacknight.com/
http://mneylon.tel/
Intl. +353 (0) 59  9183072
Locall: 1850 929 929
Direct Dial: +353 (0)59 9183090
Fax. +353 (0) 1 4811 763
Twitter: http://twitter.com/mneylon
-------------------------------
Blacknight Internet Solutions Ltd, Unit 12A,Barrowside Business Park,Sleaty
Road,Graiguecullen,Carlow,Ireland  Company No.: 370845

________________________________________
From: dns-operations-bounces at lists.dns-oarc.net [dns-operations-bounces at lists.dns-oarc.net] on behalf of Chris Thompson [cet1 at cam.ac.uk]
Sent: 10 December 2012 14:40
To: Joe Abley
Cc: DNS Operations List
Subject: Re: [dns-operations] email address in SOA

On Dec 6 2012, Joe Abley wrote, in re the SOA.rname field:

>It's used for
>
>(a) legitimate operational communication with a zone maintainer, and
>
>(b) source data for people harvesting addresses in order to send spam.
>
>Since the e-mail resulting from (b) greatly outnumbers the e-mail resulting
>from (a), it's a reasonable assumption on the part of an (a) sender that
>in most cases the address won't be useful. Correspondingly, it's a reasonable
>assumption on the part of most zone maintainers that the address doesn't
>matter, unless you're in the business of collecting spam (or have a really
>effective way to sift through the spam to find the legitimate mail).
>
>But perhaps I'm being over-cynical.

I think you are being over-cynical. Spam is a fact of Internet life, however
one advertises contact addresses, and I don't actually see much evidence that
spammers collect SOA.rname values rather than picking things out of web pages,
mailing list archives, etc.

Our main hostmaster address, in the SOA.rname of e.g. "cam.ac.uk" gets lots
of spam, but not much more than an alias which was almost certainly picked
up from web pages, while an SOA.rname for several other zones[*], which
probably appears in no unrestricted web pages, gets almost none.

[*] No, of course I'm not going to say which they are here... :-)

--
Chris Thompson               University of Cambridge Computing Service,
Email: cet1 at ucs.cam.ac.uk    New Museums Site, Cambridge CB2 3QH,
Phone: +44 1223 334715       United Kingdom.
_______________________________________________
dns-operations mailing list
dns-operations at lists.dns-oarc.net
https://lists.dns-oarc.net/mailman/listinfo/dns-operations
dns-jobs mailing list
https://lists.dns-oarc.net/mailman/listinfo/dns-jobs

More information about the dns-operations mailing list