enemieslist

Internet security & antispam

News


June 14, 2009

Basic principles of DNS and their discontents, continued

OK, I found some time today away from visiting friends and relatives to track down a few more bad examples before I get to the good examples.

115.119.32.178.static-bangalore.tcisl.net.in
115.119.25.114.static-chennai.tcisl.net.in
115.119.17.226.static-delhi.tcisl.net.in
115.119.59.18.static-Ernakulam.tcisl.net.in
115.119.0.242.static-mumbai.tcisl.net.in
115.119.8.146.static-pune.tcisl.net.in

I should be able to block (or score as slightly suspicious due to generic, provider-assigned PTR naming) mail from all of these hosts with a single "static.tcisl.net.in" entry in my access.db. Instead, I have to use a pattern. And I have to make it even more generic than I ordinarily would because heaven forfend they add service to Hyderabad.

Anyway, enough bashing of the folks whose naming choices don't reflect my druthers; let's talk a bit about some examples that do. One ISP that does use naming that enables remote systems to make smart policy decisions is vsi.ru.

For their dynamic dialups, vsi.ru uses the following naming:

[0-9]+\.[0-9a-z\-]+\.dial\.vsi\.ru
[0-9]+\.[0-9]+\.asx[0-9]*\.dial\.vsi\.ru

This has the obvious benefit of informing the remote admin that this is a dialup. While it is not that uncommon, especially in some "developing" nations, for dialups to be statically assigned, typically such connections are not used for incoming mail service. The naming they use for their dynamic DSL is as follows:

[0-9]+\.c[0-9]+\-[0-9a-z]+\.dsl\-dynamic\.vsi\.ru
[0-9]+\.[0-9]+\.c[0-9]+\-[0-9a-z]+\.dsl\-dynamic\.vsi\.ru
[0-9]+\.[0-9]+\.dhcp\.dsl\-dynamic\.vsi\.ru
[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\.[0-9a-f]+\-[0-9a-f]+\.dsl\-dynamic\.vsi\.ru

In addition, they explicitly call out residential users:

[0-9a-z]+\.dsl\-home\.vsi\.ru

This allows us to distinguish between residential and dynamic users on the one hand, and commercial users with fixed / static IPs on the other:

[0-9a-z]+\.dsl\-comm\.vsi\.ru
[0-9a-f]+\.[0-9]+\.fix\-addr\.vsi\.ru
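To make the contrast between the two naming schemes concrete, here is an added example (my own code, not anything from the original post or from either ISP) that does two things: it emulates the domain-suffix matching a sendmail access map does, to show why a single "static.tcisl.net.in" entry cannot catch the tcisl.net.in hosts listed above, and it classifies PTR names with the vsi.ru patterns given in the post. The tcisl.net.in regex, the policy buckets, and every hostname other than the tcisl.net.in ones quoted above are my own assumptions, constructed to exercise each pattern; note the lowercasing, which is what lets "static-Ernakulam" match.

```python
import re

# Constructed sample PTR names. The three tcisl.net.in names are the post's own;
# every other name is hypothetical, written to exercise one of the vsi.ru patterns.
SAMPLE_PTRS = [
    "115.119.32.178.static-bangalore.tcisl.net.in",
    "115.119.59.18.static-Ernakulam.tcisl.net.in",   # mixed case in the real PTR
    "115.119.8.146.static-pune.tcisl.net.in",
    "12.modem3.dial.vsi.ru",                          # hypothetical
    "5.1.asx2.dial.vsi.ru",                           # hypothetical
    "8.c3-abc.dsl-dynamic.vsi.ru",                    # hypothetical
    "4.2.dhcp.dsl-dynamic.vsi.ru",                    # hypothetical
    "10.0.0.7.0a1b-ff3c.dsl-dynamic.vsi.ru",          # hypothetical
    "home22.dsl-home.vsi.ru",                         # hypothetical
    "office7.dsl-comm.vsi.ru",                        # hypothetical
    "ab12.3.fix-addr.vsi.ru",                         # hypothetical
    "mail.example.org",                               # hypothetical, matches nothing
]


def access_db_suffix_match(ptr, entry):
    """Emulate sendmail access-map domain matching: an entry matches the name
    itself and any name that ends in '.' + entry, i.e. only on a label boundary.
    That is why 'static.tcisl.net.in' cannot match '...static-bangalore.tcisl.net.in'."""
    ptr = ptr.lower().rstrip(".")
    entry = entry.lower().rstrip(".")
    return ptr == entry or ptr.endswith("." + entry)


# (class, regex) rules. The vsi.ru expressions are the ones quoted in the post;
# the tcisl.net.in expression is an assumption written for this example, kept
# generic across cities because the provider may add more.
RULES = [
    ("dialup",         r"^[0-9]+\.[0-9a-z\-]+\.dial\.vsi\.ru$"),
    ("dialup",         r"^[0-9]+\.[0-9]+\.asx[0-9]*\.dial\.vsi\.ru$"),
    ("dsl-dynamic",    r"^[0-9]+\.c[0-9]+\-[0-9a-z]+\.dsl\-dynamic\.vsi\.ru$"),
    ("dsl-dynamic",    r"^[0-9]+\.[0-9]+\.c[0-9]+\-[0-9a-z]+\.dsl\-dynamic\.vsi\.ru$"),
    ("dsl-dynamic",    r"^[0-9]+\.[0-9]+\.dhcp\.dsl\-dynamic\.vsi\.ru$"),
    ("dsl-dynamic",    r"^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\.[0-9a-f]+\-[0-9a-f]+\.dsl\-dynamic\.vsi\.ru$"),
    ("dsl-home",       r"^[0-9a-z]+\.dsl\-home\.vsi\.ru$"),
    ("dsl-comm",       r"^[0-9a-z]+\.dsl\-comm\.vsi\.ru$"),
    ("fix-addr",       r"^[0-9a-f]+\.[0-9]+\.fix\-addr\.vsi\.ru$"),
    ("generic-static", r"^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+\.static-[a-z]+\.tcisl\.net\.in$"),
]
COMPILED_RULES = [(cls, re.compile(rx)) for cls, rx in RULES]

# Policy buckets are my own illustration of how the classes might be scored.
POLICY = {
    "dialup": "suspicious",          # dynamic; not normally a mail source
    "dsl-dynamic": "suspicious",
    "dsl-home": "suspicious",        # residential, explicitly labelled as such
    "dsl-comm": "likely-legit",      # commercial / static
    "fix-addr": "likely-legit",
    "generic-static": "score",       # provider-assigned generic name: mild penalty
}


def classify(ptr):
    """Return the naming class of a PTR name, or None if no rule matches.
    Names are lowercased first so mixed-case PTRs such as 'static-Ernakulam' match."""
    name = ptr.lower().rstrip(".")
    for cls, rx in COMPILED_RULES:
        if rx.match(name):
            return cls
    return None


def policy(ptr):
    """Map a PTR name to a policy bucket; unmatched names get 'unknown'."""
    return POLICY.get(classify(ptr), "unknown")


def summarize(ptrs):
    """Count how many of the given PTR names land in each policy bucket."""
    counts = {}
    for p in ptrs:
        counts[policy(p)] = counts.get(policy(p), 0) + 1
    return counts


if __name__ == "__main__":
    for p in SAMPLE_PTRS:
        print(f"{p:45s} suffix-match static.tcisl.net.in={access_db_suffix_match(p, 'static.tcisl.net.in')!s:5s} "
              f"class={classify(p)} policy={policy(p)}")
    print(summarize(SAMPLE_PTRS))
```

Running it shows that none of the tcisl.net.in names satisfy the suffix match (the city is fused into the same label as "static"), while a single suffix entry would have sufficed had the names been of the form host.static.tcisl.net.in; the vsi.ru names, by contrast, all land in a bucket on the first try.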

Granted, there is a somewhat wide variety of namings applied to what we would consider the same subset of user IPs, but all in all their approach meets all of our basic suggestions:

Anyone who is responsible for naming their client and end user nodes should take their excellent example to heart.

Tomorrow, we'll dig into some of the peculiarities of regions and types of services; it's amazing how certain areas deviate from practices common to other regions.

Posted by schampeo at June 14, 2009 5:40 PM