ietf-asrg
[Top] [All Lists]

[Asrg] Re: RMX Records

2003-03-03 17:07:46
Hadmut Danisch wrote:
Even when I'm on the road and using a foreign ISP on the other side
of the world, I always drop my email to the very same relay machine,
simply because thats easier. My notebook doesn't need to bother with
DNS queries and temporarily unavailable peers.  I drop all my
outgoing mail to central host, and this host is doing the job.

That doesn't generally work because the mail hub will tend to reject
mail so sent because you're coming from a different ISP.  eg. sales
person uses aol.com, eartlink.net (or other international ISP) drops
of mail at mail.foo.com mail hub, and if the mail hub isn't vulnerable
to the open relay problem, it will reject the mail.

The other problem with RMX is that it relies on DNS which itself has
horrendous security vulnerabilities due to inherent limitations in the
protocol.  RMX inherits them and so is inherently easy to spoof and
bypass.  See for example: http://www.securityfocus.com/guest/17905
for a good survey paper on DNS vulnerabilities.

Also I'm not sure as another poster noted how much it even helps:
disposable ISP free accounts (AOL CD syndrome) are a major source,
with RMX the problem is not even improved.

Adam
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg