MS> On Wed, Mar 10, 2004 at 07:22:30AM -0500, Meng Weng Wong wrote:
(1) has one dimension: is an IP address allowed to send mail?
MS> Sorry, but not really. IMHO it is important to understand that at
MS> least MTAMARK does not talk about allowing something. It is about
MS> giving an admin a chance to provide hints about an IP address.
Thanks for bringing this up. The difference in semantics is important.
It is one thing to say "I know that this particular IP Address is (or is
not) authorized to be an MTA" and quite another to say "I know the
_complete_ set of authorized MTA's."
In particular, what is the meaning of having no record for an IP
address? Does it mean that it is not authorized or does it mean that we
do not know?
For example, an ISP or enterprise could register it's own MTAs and,
therefore, vouch for their accountability, but say nothing at all about
any of its customer's addresses.
A receiving MTA might treat the former with less caution and the latter
with more. Neither, however, gets automatic trust, because registration
as an MTA does not guarantee that the operator of the MTA is not a
MS> In the case of roaming users, local (to the user) mailservers it is
MS> very important that the IP is still allowed to send mail even if it is
MS> labelled as "not running a public mailserver". However some additional
MS> authorization/authentification may be required (e.g. SMTP AUTH).
Dave Crocker <dcrocker-at-brandenburg-dot-com>
Brandenburg InternetWorking <www.brandenburg.com>
Sunnyvale, CA USA <tel:+1.408.246.8253>