[UA-discuss] Email from new domains going to Junk (was: Requesting a contact from outlook/hotmail)

Jothan Frakes jothan at jothan.com
Fri Aug 3 00:35:51 UTC 2018 

Have you heard of RPZ?  The TL;DR on RPZ is that the concept of things like
Spamhaus RBL blacklisting to quickly resolve SPAM is going to start
expanding into DNS so it is domain (or potentially TLD) based and not
protocol-specific

Paul Vixie from Farsight will be speaking at MERGE about RPZ - many of you
have the privilege of knowing him and his many contributions to the
stability and security of the Internet

https://mergeorlando2018.sched.com/event/FXXd/takedown-
vs-staydown-for-internet-identifiers-the-dns-rpz-firewall-approach


This is something that a network administrator can institute at its
perimeter nameservers / firewall, but that dominion can be a nation or a
large ISP just as easily as a company.

RPZ is worth some awareness within UASG as it may impact domain names from
resolving everywhere immediately that are first activating because RPZ
intentionally creates a delay (I am oversimplifying this)

The delay is involved intentionally to counter fast-flux or fluid-instant
registrations often seen in command and control networks, and there are
some exceptions and tuning that can happen.

-J

Jothan Frakes
Tel: +1.206-355-0230


On Thu, Aug 2, 2018 at 5:07 PM, John Levine <john.levine at standcore.com>
wrote:

> I can conceive of a scenario where every instance of a particular IOT
>> device receives a unique domain name in the same way it receives a MAC
>> address and unique serial number; the domain name could in fact be its
>> serial number.  That would be a legit example for bulk acquisition of
>> domain names.
>>
>
> Of course every device has its own name, but nobody in their right mind
> would buy them one at a time from a TLD registry.
>
> For a whole lot of domain names, see https://wild.web.sp.am, click on a
> few links, and look at the domain names.  If you followed the links long
> enough you'd find roughly 2 billion different names.
>
> Regards,
> John Levine, john.levine at standcore.com
> Standcore LLC
>
> PS: When I first set up that site, it broke the Bingbot.  After alerting
> one of your colleagues to the problem, who told me that it led to some very
> loud conversations down the hall, Bing now knows enough to stay away but I
> have a log file with 6 million entries from people who don't.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mm.icann.org/pipermail/ua-discuss/attachments/20180802/569948cb/attachment.html>

More information about the UA-discuss mailing list