I got DNS in my anti-spam product. And I’ve got anti-spam in my DNS management. This all happened while working on my “Top 10 things you should know about spam” while also putting together an RFP (Request for Proposal) for a review on DNS service tools. DNS plays a big role in identification and verification systems including DKIM (Domain Keys Identified Mail).
I’m finding that DNS systems going online today may be asked to take on a bigger network over the next three to six years. Let me break this down.
First, I get the sense that DNS and the more comprehensive IPAM (IP Address Management) tools will take on bigger roles as IPv6 begins to gain traction. With an ever-growing collection of devices (both physical and virtual) needing IP address service and management, DNS will move from the shadows–where it has played a reliable and remarkably understated role in facilitating the Internet revolution–to the forefront.
Second, I get the time frame from the gracious organization that has offered to host our DNS Labs on Site in the near future. (More details on that story as we get closer to the results.) Suffice it to say that this organization has been using a DNS system that was put in place many years ago. How long ago is still somewhat of a mystery. What I do know is that the person who brought the system to life and created many of the scripts to manage zone updates and other management functions hasn’t been with the organization for more than six years. One vendor in our DNS round up dubbed this mythical being as “ponytail guy.” I instantly knew who they were talking about. Given the coming of IPv6 and the rampage of virtual-everything I think it will take a lot less than six to eight years for “ponytail guy” to be missed.
The anti-spam in the above equation came as I was re-reading my test notes from e-mail spam tests over the past several years. DKIM uses DNS to verify that the supposed sender of a piece of e-mail was in fact the sender. While not an anti-spam tool per se, DKIM does help systems that use sender identity along with sender reputation to make a guess at what e-mail is spam and what is ham.
As DNS takes on this enlarged role, systems that provide DNS and that were once thought to be running just fine may need to be re-evaluated. I am most emphatically NOT advocating that these systems be junked wholesale. I suspect that for the majority of organizations, the existing DNS solution will work just fine. IPv6 has been a long time coming and there are very few systems that can’t at least be upgraded to handle the bigger address space. Many DNS systems have supported IPv6 for years. However, for IT network managers who have an eye to the future and who anticipate adding more services to their network that enhance business processes, taking another look at basic network services including DNS and DHCP may be in order.