[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

What would you do about questionable domain pointing A record to your IP address?

Subject: What would you do about questionable domain pointing A record to your IP address?
From: jbates at paradoxnetworks.net (Jack Bates)
Date: Fri, 20 Feb 2015 11:53:52 -0600
In-reply-to: <[email protected]>
References: <[email protected]>

On 2/20/2015 11:08 AM, Anne P. Mitchell, Esq. wrote:
> a) just not worry about it and keep an eye on it
If they have held the netblock for awhile and are already using the IP 
Address in question, this is fine. I presume that the servers don't 
actually respond for that domain (name-based web or domain based 
acceptance on a mail server).

> b) publish a really tight spf record on it, so if they are somehow compromised, email appearing to come from example.com and 127.0.0.1 should be denied
You must control a domain to control its SPF. This is not an option if 
they don't control the bad domain. DKIM or similar might be the more 
appropriate protocol? SPF protects domains, some of the other protocols 
protect the mail servers themselves.

> c) not use the IP address at all (it's part of a substantially larger block)
>
>
If it's a recently acquired netblock, then it may have a bad reputation 
due to prior use. Investigating the reputation and possibly avoiding 
that particular IP Address might be warranted.

Jack

References:
- What would you do about questionable domain pointing A record to your IP address?
  - From: amitchell at isipp.com (Anne P. Mitchell, Esq.)

Prev by Date: What would you do about questionable domain pointing A record to your IP address?
Next by Date: [j-nsp] draft-ietf-mpls-ldp-ipv6-16
Previous by thread: What would you do about questionable domain pointing A record to your IP address?
Next by thread: What would you do about questionable domain pointing A record to your IP address?
Index(es):
- Date
- Thread