0

My college just floated me a horror story regarding mail servers and DNS blacklists. (We maintain the mail servers for our company and its customers.)

He said that DNS blacklists (like e.g. SORBS and Protected Sky) may block an entire C-net of IP addresses after repeated spam offences from one or more IPs in that C-net.

Looking for a reason to be even more wary of blacklists I googled this, but found no mention of it.

Is blacklisting entire IP C-nets an accepted methodology in the world of DNS blacklists?

Improve this question
1
  • They can only blacklist the SPAM IP's but not the entire subnet.
    – manjesh23
    Commented May 3, 2016 at 9:12

1 Answer 1

Reset to default
3

This all depends on the listing policy of a blacklist. Some do it for sure. There's no "accepted methodology", it's all up to the owner of the blacklist to define the listing policy.

Some start off with listing individual IP's in a /24 (let's not call it a class C, we stopped using classful routing 20 years ago) and if there are too many problematic hosts within a specific /24 the entire /24 gets listed. Some (possibly other) blacklists choose to widen the range of listed IP's if the owner doesn't take action quick enough, starting with individual IP's (/32's) and gradually increasing it to a /24 or bigger, eventually listing all IP's registered to a network.

Improve this answer

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .