[GTALUG] Spamhaus block

Giles Orr gilesorr at gmail.com
Fri Feb 22 12:11:48 EST 2019


On Fri, 22 Feb 2019 at 11:58, James Knott via talk <talk at gtalug.org> wrote:

> On 02/22/2019 11:33 AM, Giles Orr wrote:
> > We use this ability a fair bit at my work: the web server determines
> > what name you're looking for from the incoming header,
>
> What would be in the header?  All IP has in the header to differentiate
> connections is IP address and port number.  For example, if I wanted to
> access the Mississauga Library ebook collection, I could open a browser
> to 13.92.99.128 and it would connect to port 443 for https.  I have not
> provided any other information.  So, how would the appropriate server be
> accessed from that, when multiple servers share a single IP?
>

You're correct: if the user provides only an IP address, the web server
doesn't necessarily know how to respond.  You can set a default in the web
server (at a hosting site it would almost certainly be to the hosting
provider's main page).  But your use-case is vanishingly small: no one uses
IP addresses anymore, and I'd suggest it's an actively bad idea since cloud
services allow us (the web site creators) to change IP addresses as
frequently as people change their clothes.  That's how it is now: the
_name_ remains constant, but the IP changes intermittently.

This random changing of IP addresses is also why we're having a parallel
discussion of "bad" and "good" IP neighbourhoods: if you take your name and
move it from one neighbourhood to another, places like Spamhaus associate
you (and thus your behaviour, warranted or not) with that of your
neighbours.

-- 
Giles
https://www.gilesorr.com/
gilesorr at gmail.com
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://gtalug.org/pipermail/talk/attachments/20190222/838a85f1/attachment.html>


More information about the talk mailing list