"generally accepted" way to get ahold of the owner/administrator of a machine (was: Newbieish question)

Jim Reid jim at rfc1035.com
Thu Jun 29 17:39:57 UTC 2000


>>>>> "Thor" == Thor Kottelin <thor at anta.net> writes:

    >> Anyway, I have my own views, but what is the "generally
    >> accepted" way to get ahold of the owner/administrator of a
    >> machine, given the IP address, and knowing it runs mail
    >> services?
    >> 
    >> Should I trust the rDNS?  Its SOA record?  Abuse.net for the
    >> rDNS domain?  ARIN (Or similar for that area)?  Or something
    >> else entirely?

    Thor> I'm not sure about general acceptance; the following is just
    Thor> my HO. From a DNS viewpoint, the RP record would be ideal,
    Thor> but few hosts have such a record. Not all addresses even
    Thor> have corresponding PTR entries. My favorite logic is using
    Thor> ARIN.

The bottom line is that you can't depend 100% on the information in
the DNS for contact details. If the DNS was set up by someone who
knows what they were doing, the SOA MNAME should work. However there
are a lot of clueless DNS administrators out there. (Or nobody's
touched the DNS since the organisation's competent administrator
left.) Sometimes the RNAME field of the SOA records contains a valid
email address. Sometimes it even points at the current mailbox for the
site's system administrator! Very few people put RP records in their
zone files - far less keep them up to date. Probably the most reliable
way of finding a site's administrator is through the whois databases
operated by registries like RIPE, Network Solutions and so on. Even
then, the information could be out of date because the technical and
administrative contacts have moved on since the domains were registered.

The SOA records for reverse DNS can suffer the same problem. This is
more likely to happen the further down the tree from "." you go and
things get delegated to ISPs who delegate to customers. The more
people who are involved, the higher the probability that someone makes
a mistake or someone without a clue is introduced. Look at the number
of broken reverse delegations and failed reverse lookups.
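
The SOA RNAME and RP fields discussed in this thread store a mailbox as a domain name, so they have to be decoded before they can be used as a contact address. The following is an added example, not part of the original post: it builds the reverse-lookup name for an IP address and decodes RNAME/RP mailboxes, including escaped dots in the local part. The function names are hypothetical and the record lines are constructed samples.

```python
import ipaddress

def reverse_name(ip):
    """Owner name to query for PTR (and the enclosing zone's SOA) of an address."""
    return ipaddress.ip_address(ip).reverse_pointer + "."

def mbox_to_email(mbox):
    """Decode a DNS mailbox name (SOA RNAME, RP mbox) into user@domain.

    The first label is the local part; a dot inside it is written as "\\."
    or "\\046" in master-file syntax. Returns None for "." (no mailbox).
    """
    local, i = [], 0
    while i < len(mbox) and mbox[i] != ".":
        if mbox[i] == "\\" and i + 1 < len(mbox):
            ddd = mbox[i + 1:i + 4]
            if len(ddd) == 3 and ddd.isdigit():   # \DDD decimal escape
                local.append(chr(int(ddd)))
                i += 4
            else:                                  # \X literal character
                local.append(mbox[i + 1])
                i += 2
        else:
            local.append(mbox[i])
            i += 1
    domain = mbox[i + 1:].rstrip(".")
    return "".join(local) + "@" + domain if local and domain else None

# Constructed sample records in master-file form (not real data).
SAMPLE = r"""
2.0.192.in-addr.arpa. 3600 IN SOA ns1.example.net. host\.master.example.net. 2000062901 10800 3600 604800 86400
mail.example.org. 3600 IN RP abuse.example.org. .
old.example.org. 3600 IN RP . .
"""

def contacts(zone_text):
    """Return (owner, rtype, email) hints from SOA and RP lines; unverified leads only."""
    found = []
    for line in zone_text.splitlines():
        f = line.split()
        if len(f) < 5 or f[2] != "IN":
            continue
        mbox = {"SOA": f[5] if len(f) > 5 else None, "RP": f[4]}.get(f[3])
        email = mbox_to_email(mbox) if mbox else None
        if email:
            found.append((f[0], f[3], email))
    return found

if __name__ == "__main__":
    print(reverse_name("192.0.2.25"))
    for hint in contacts(SAMPLE):
        print(hint)
```

Addresses recovered this way are leads to cross-check against the registry whois record, for the reasons given in the post.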


