On Wed, Apr 02, 2003 at 04:06:32PM -0500, Kee Hinckley wrote:
At 3:00 PM -0600 4/2/03, Steven F Siirila wrote:
It "breaks" it no more than adding just the TXT record itself in
that both must
be configured by the DNS administrator in order to pass the "good MTA"
test.
Sorry, I misread the proposal. I thought it was finding the
authenticating domain by looking at envelope. Not from reverse
looking up the IP address. In that case you're right--they both
break too many systems. :-)
Too many ISPs don't provide reverse DNS to their customers, but do
allow mail servers. And many of those that do provide reverse DNS,
reverse it to their own domain, not the sender's domain.
Not a problem here since we also look up the EHLO name. If that resolves
to the caller's IP address, it counts as good as a PTR record in our book.
envelope -> domain -> lookup ip at domain
I think can work. Straight reverse IP lookups are harder.
--
Kee Hinckley
http://www.messagefire.com/ Junk-Free Email Filtering
http://commons.somewhere.com/buzz/ Writings on Technology and Society
I'm not sure which upsets me more: that people are so unwilling to accept
responsibility for their own actions, or that they are so eager to regulate
everyone else's.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
--
Steven F. Siirila Office: Lind Hall, Room 130B
Internet Services E-mail: sfs(_at_)umn(_dot_)edu
Office of Information Technology Voice: (612) 626-0244
University of Minnesota
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg