ietf-822

Re: authenticating the source of mail

2002-05-17 11:43:37


Keith Moore wrote:

 Any comments on this approach?

1. it's a non-starter to force senders to submit to/relay through any
   particular host or hosts.  people can and do send mail from
   anywhere, and this is essential functionality.

Providing a list of authorized senders is a sender-side choice. As such,
this is an elective system and has to be recognized as one. There will
still be hosts and domains that do not use the elective system[1], so this
cannot be relied upon as an exclusive test.

BUT, providing this kind of information is as beneficial to the sender as
it is to the recipient. E.g., if hotmail used this, then people like me
would stop blocking those domains, and would only block mail from hosts
which hotmail did not list as authorized for their domain.

So rather than looking at this in terms of ~"can I reject mail from
senders without MS RRs?" (the answer to that is "no"), the appropriate way
to look at this is ~"can the owner of a domain use this to prevent
forgeries from their domain" and "can the recipients use this as a
supplemental method for killing spam" (the answer to both of those
questions is "yes").

2. my guess is that IESG isn't likely to approve a new use of, or
   extensions to, the MS record.

Maybe you could be bothered to provide some kind of support for this.

[1] as stated earlier, any such system will only work if its usage is
mandatory from the beginning

-- 
Eric A. Hall                                        http://www.ehsco.com/
Internet Core Protocols          http://www.oreilly.com/catalog/coreprot/
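
The receiver-side decision argued for in the message above, as an added example that is not part of the original post. The `PUBLISHED` table, the function names and the address ranges are constructed assumptions standing in for whatever a domain would publish in DNS; the record format itself is not modelled.

```python
import ipaddress
from enum import Enum

class Verdict(Enum):
    AUTHORIZED = "authorized"  # domain publishes a list and the host is on it
    FORGED = "forged"          # domain publishes a list and the host is not on it
    NO_POLICY = "no-policy"    # domain has not opted in: no conclusion possible

# Constructed sample data (assumption): domains that elected to publish
# their authorized sending hosts, keyed by lower-case domain name.
PUBLISHED = {
    "example.com": ["192.0.2.0/28", "2001:db8:25::/64"],
    "mail.example.net": ["198.51.100.7/32"],
}

def sender_domain(mail_from):
    """Return the lower-cased domain of an envelope sender, or None."""
    addr = mail_from.strip().strip("<>")
    if "@" not in addr:          # null sender "<>" or malformed address
        return None
    domain = addr.rsplit("@", 1)[1].rstrip(".").lower()
    return domain or None

def check_sender(mail_from, client_ip, published=PUBLISHED):
    """Compare the connecting host against the sender domain's published list."""
    domain = sender_domain(mail_from)
    if domain is None or domain not in published:
        # Elective system: a missing list says nothing about the sender.
        return Verdict.NO_POLICY
    ip = ipaddress.ip_address(client_ip)
    for entry in published[domain]:
        net = ipaddress.ip_network(entry)
        if ip.version == net.version and ip in net:
            return Verdict.AUTHORIZED
    return Verdict.FORGED

def smtp_action(verdict, other_filters_reject):
    """Use the check as a supplemental test, never as the exclusive one."""
    if verdict is Verdict.FORGED:
        return "reject"          # the domain owner disowned this host
    # AUTHORIZED or NO_POLICY: the recipient's other spam filters decide.
    return "reject" if other_filters_reject else "accept"

if __name__ == "__main__":
    for sender, ip in [("alice@example.com", "192.0.2.5"),
                       ("alice@example.com", "203.0.113.9"),
                       ("bob@unlisted.example", "203.0.113.9")]:
        v = check_sender(sender, ip)
        print(sender, ip, v.value, smtp_action(v, False))
```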