I agree with you about noting the site sending the message. It should
be a "local" issue as to how that is translated into a local user. This
gets to the point someone (sorry I forget who) made about requiring some
legal recourse (search warrant or discovery in US terms) for the last
bit of information, thus providing some privacy protection.
And while I agree the DNS is probably a natural place for the
information, I feel obliged to note the problems that exist getting
reverse lookup entries properly configured in the DNS.
Also, the DNS might seem a "secure" location for information, surely we
all realize the DNS is just a "major security incident waiting to
happen." But then maybe this is the "killer app" for DNSSEC?
Jim
On Sat, 17 Jan 2004, Al Costanzo wrote:
Date: Sat, 17 Jan 2004 17:08:55 -0500
From: Al Costanzo <al(_at_)akc(_dot_)com>
To: James M Galvin <galvin+ietf-822(_at_)eListX(_dot_)com>
Cc: ietf-822(_at_)imc(_dot_)org
Subject: Re: making mail traceable
To this point I would say, we need to know the physical location of the
machine (node) on the Internet sending the email.
I would say that DNS is the perfect location for storing this information,
since unlike mail headers it is more difficult to mung around with by the
casual user and usually administrated properly by ISPs.
With the information stored in the DNS IMO, it gives us a second level of
repudiation to protect us all from spammers and help the US inforce the new
law.
Al
----- Original Message -----
From: "James M Galvin" <galvin+ietf-822(_at_)elistx(_dot_)com>
To: "Al Costanzo" <al(_at_)akc(_dot_)com>
Cc: <ietf-822(_at_)imc(_dot_)org>
Sent: Saturday, January 17, 2004 3:55 PM
Subject: Re: making mail traceable
>
> To the extent it is "information" we agree we need for email to be
> traceable and we agree that having it in the DNS is the right place for
> it, then it would be helpful. Dave's point was that we should be
> discussing what information we need and agree on that before we try to
> agree on where to put it.
>
> Jim
>
>
>
>
> On Fri, 16 Jan 2004, Al Costanzo wrote:
>
> Date: Fri, 16 Jan 2004 19:42:09 -0500
> From: Al Costanzo <al(_at_)akc(_dot_)com>
> To: James M Galvin <galvin+ietf-822(_at_)eListX(_dot_)com>,
ietf-822(_at_)imc(_dot_)org
> Subject: Re: making mail traceable
>
>
>
> I may be missing the point here but about a year ago I wrote a draft
for a
> DNS RR record to keep track of the physical location of the A or MX
record
> as a "physical postal address" just for this purpose, with the
intention of
> being able to track back the location of SPAM.
>
> With new state laws I thought it was the way to go, and then use MTA
use
> this information.
>
> Would this not help? If so I have a copy of the draft I am currently
> revising.
>
> Al Costanzo
> ----- Original Message -----
> From: "James M Galvin" <galvin+ietf-822(_at_)elistx(_dot_)com>
> To: "Dave Crocker" <dcrocker(_at_)brandenburg(_dot_)com>
> Cc: "ietf-822" <ietf-822(_at_)imc(_dot_)org>
> Sent: Friday, January 16, 2004 5:02 PM
> Subject: Re: making mail traceable
>
>
> >
> >
> > On Fri, 16 Jan 2004, Dave Crocker wrote:
> >
> > > > The "Received" header is woefully inadequate for spam
tracing
> > >
> > > True. Then again, so is the rest of the message format
and mail
> > > transport.
> > >
> > > I don't agree it's "woefully inadequate."
> >
> > When we have some agreement on the information that is needed to
> > facilitate spam tracing, then we can decide whether it is better
to
> > add it to Received or create a new header.
> >
> > Absolutely.
> >
> > And let us not forget some means to validate that the information we
do
> > have or get is accurate and correct. Or is that what Nathaniel and
> > Keith meant by "traceable?"
> >
> > Jim
> >
> >
>
>
>
>