The SORBS Dynamic User and Host List (DUHL) is similar to other DUL
lists. However, many of the others are actually lists of dial-up
ranges only. With cable modem and DSL access becoming more prevalent
for home subscribers and dial-up becoming correspondingly more rare,
the impact of lists of dial-up ranges only is reduced. Therefore, the
SORBS DUHL is a list of netblocks where the address space is assigned
dynamically to users and hosts regardless of the actual method of
connecting those users and hosts to the network. Dynamic assignment
of IP addresses makes identification of spam sources a little more
difficult. It is a matter of debate as to whether a user at home
should be running their own mail server. It is the opinion of SORBS
that anyone competent enough to do so should be allowed to run their
own mail server, but also, that all outgoing mail from dynamically
assigned address space (and in a few cases even from statically
assigned space) should be made to flow through the mail server(s) of
the Internet service provider in question.
Listing Criteria
SORBS DUHL originally started life as a straight import of the
Dynablock list maintained by Easynet NL. Easynet NL
stopped
providing the list in late 2003.
Requests for entries to be added to or removed from the SORBS DUHL
can be made by any Internet service provider responsible for a
particular range of IP addresses.
We will also list dynamically assigned address ranges that we come
across (most commonly when we receive spam from them). Generic reverse
DNS naming is the most important criterion for determining if an
address range should be considered dynamically assigned.
Please note that entries in the SORBS DUHL never expire, not even the
entries we inherited from Easynet NL Dynablock. We always require
contact from the network owner for modifications.
How we identify Static/Dynamic Hosts via DNS Records.
SORBS uses the following Internet Draft for determining whether networks
are statically or dynamically by rDNS.
SORBS strongly encourages review of generic naming schemes which are
of the format: <ip>.<add>.<re>.<ss>.<domain>.<tld>
Note: This is a Suggested Naming Scheme for Generic
Naming of Networks. We advise and encourage the use of the actual hostnames as
PTR records rather than generic records where ever possible.
Also note that SORBS expects TTLs for hosts within generic named ranges to
be 24 hours or more as generic schemes generally indicate a reluctance to
set hostnames and therefore indicate the records are unlikely to change.
Short TTLs (especially under 3600 seconds) tend to indicate the records are
about to be changed, or change regularly.
Removals/Deletions from the DUHL
From time to time the DUHL will need to be modified as ISP networks
are changed. ISPs are invited to send changes to their address ranges
listed.
The general rules of delisting are as follows:
The Regional Internet Registry (RIR) Point of Contact (PoC) can
request a listing or delisting of any address in their space. The
only time this will be refused is when the netblock information in
the RIR or in the reverse DNS naming clearly indicates the addresses
are dynamically assigned (e.g. 0.1.pool.example.com).
Anyone else may request delisting of addresses or netblocks provided
that reverse DNS naming is set to indicate static assignment. SORBS will
consider unique names that are not part of a generic naming scheme,
or a generic naming scheme with an indication of staticness (we prefer
the word "static" being included in the names, but will accept any
existing ISP convention if the ISP just informs us of it) as proof of
static assignment. Also, the Times to Live of the PTR records need to
be 43200 seconds or more. This is an arbitrary limit chosen by SORBS.
And of course, the reverse DNS names need to be valid; i.e. the names
given in reverse DNS need to map forward to the IP addresses for which
they were given.
End users (non ISP staff): SORBS support staff may ask you to ask your
ISP to request the change as you are not authoritative information
about the network ranges in question. The SORBS support staff may
need to request you change the rDNS naming scheme, so to save time
and trouble, ask your ISP to log a ticket and do not log a ticket
yourselves.
Please use the support form to submit
removal requests.
Additions/Submissions to the DUHL Exclusion List
We also operate a self-help exclusion interface that allows the owner
of a system to quickly exclude a single IP address (or, in some cases,
multiple IP addresses) from the DUHL. For this to be possible, the
following criteria need to be met:
The MX record of a domain needs to contain a host name that maps
to the IP address involved. The Time to Live of the MX record
needs to be at least 43200 seconds.
The A record for the host name needs to have a TTL of at least
43200 seconds.
The reverse DNS PTR record for the IP address involved needs to
map back to the name given in the MX record, and to have a
TTL of at least 43200 seconds.
If there are multiple MX entries, these rules apply to them all.
Unfortunately SORBS is unable to safely determine whether a request
for submission to the DUHL is coming from the network owner, so the
submission system is mostly manual.
For DUHL additions please use the
mail form to log a DUHL Nomination Ticket.
