On Thu, Mar 06, 2003 at 03:09:14PM +0000, Jon Kyme wrote:
So your declaration is implicit in and limited to the DNS data
for the domain?
Not necessarily DNS, that's just one possible implementation.
It could also be put in an LDAP tree (if LDAP servers were widely
available), put on a web page at a default address,...
There's a wide range of possibilities to distribute such a statement.
Since SMTP requires DNS anyway, this advises to put such a statement
on a DNS server. That's actual my RMX proposal, just paraphrased.
Doesn't this require this to be true for every domain if it is
to work for yours? (This would be difficult for some systems I'd
imagine.)
I'm not sure whether I understand what you want to say again, but I'll
try it. No, it doesn't really "require". Therefore, it allows smooth
transition and is backwards compatible.
Of course, if other people receive millions of spam from
"@danisch.de", as it happened about a year ago, then it is their
benefit to ask whether my domain publishes such a statement, and if
so have a very simple and effective way to block all forged spam.
Or, if you have a separate mechanism for making this kind of declaration,
how is it to be publicised, invalidated etc.
There are plenty of known methods to do so, e.g. the methods used
to distribute X.509 certificates etc. That's not a main problem.
I hope I understand you, I'm genuinely interested in what kind of
mechanism this might require.
e.g. see
http://www.ietf.org/internet-drafts/draft-danisch-dns-rr-smtp-00.txt
regards
Hadmut
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg