[ratelimits] RRL logs understanding

Geert Jan de Groot GeertJan.deGroot at xs4all.nl
Fri Aug 23 08:46:26 UTC 2013


> You can do other things with RRL.  One petty example is my use of
> RRL to inconvenience those who obsessively walk my reverse DNS
> zones.  They don't hit hard enough to congest my links or kill my
> DNS servers, but they do irk me.

Are you sure that works as intended?
IPs that have a PTR record still yield a response which is not
rate limited, because the response is different for each IP,
so RRL doesn't kick in and this doesn't help limit enumeration of the zone.

Sending two requests instead of one would yield a TC response,
which would be another signal that there is no PTR for this
address. You'd only need to send each query twice (for slip=2).

Geert Jan
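
An added illustration, not part of the message above and not BIND's code: a simplified per-second model of how RRL groups responses into buckets, showing which responses an operator would see limited during a reverse-zone walk. The zone, client address, limits and the set of addresses with PTR records are constructed sample values, and the class and function names are hypothetical.

```python
import ipaddress
from collections import Counter, defaultdict

class RRLModel:
    """Simplified per-second RRL accounting; a teaching model, not BIND's algorithm."""

    def __init__(self, responses_per_second=5, nxdomains_per_second=5, slip=2, prefix=24):
        self.rps, self.nxps, self.slip, self.prefix = (
            responses_per_second, nxdomains_per_second, slip, prefix)
        self.sent = Counter()     # (second, bucket) -> responses counted in that second
        self.limited = Counter()  # bucket -> responses that exceeded the limit

    def account(self, second, client_ip, zone, qname, rcode):
        # Clients are grouped by network prefix, not by single address.
        net = ipaddress.ip_network(f"{client_ip}/{self.prefix}", strict=False)
        if rcode == "NXDOMAIN":
            # All NXDOMAIN responses for one zone share a single bucket.
            bucket, limit = (net, zone, "NXDOMAIN"), self.nxps
        else:
            # Positive answers are bucketed per query name, so each distinct
            # PTR answer starts with its own fresh allowance.
            bucket, limit = (net, qname, rcode), self.rps
        self.sent[(second, bucket)] += 1
        if self.sent[(second, bucket)] <= limit:
            return "answer"
        self.limited[bucket] += 1
        # With slip=N, every Nth limited response goes out truncated (TC=1).
        if self.slip and self.limited[bucket] % self.slip == 0:
            return "slip-tc"
        return "drop"

# Constructed sample data (documentation address ranges).
ZONE = "2.0.192.in-addr.arpa"
CLIENT = "198.51.100.7"
HAS_PTR = set(range(4, 41, 4))  # assumed: every 4th address has a PTR record

def walk_one_second(model):
    """Account one query per address 1..40, all arriving within the same second."""
    outcome = defaultdict(Counter)
    for host in range(1, 41):
        rcode = "NOERROR" if host in HAS_PTR else "NXDOMAIN"
        action = model.account(0, CLIENT, ZONE, f"{host}.{ZONE}", rcode)
        outcome[rcode][action] += 1
    return {rcode: dict(counts) for rcode, counts in outcome.items()}

if __name__ == "__main__":
    print(walk_one_second(RRLModel()))
```

In this model every positive PTR answer is sent, and only the NXDOMAIN responses are dropped or slipped as TC, which is the behaviour the message describes.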


