ietf-asrg
[Top] [All Lists]

Re: [Asrg] Re: draft-danisch-dns-rr-smtp-01.txt

2003-04-27 01:09:55
At 11:49 PM 4/26/03 -0600, Vernon Schryver wrote:
From: Scott Nelson <scott(_at_)spamwolf(_dot_)com>

...
Recognize that the goal for the receiver isn't to find all the 
valid IP's for a domain, but rather just the one they are receiving
email from.  To answer the question "is IP a.b.c.d an authorized 
IP for example.com?", the receiver could check 
d.c.b.a.rmx.example.com.
...

The problem with that is that Hotmail, Yahoo, and most of the rest of
the owners of the domain names that appear in SMTP Mail_From senders
in the majority of spam instruct their DNS servers to always answer
"yes, a.b.c.d authorized" for any and all IP addresses.


Just to clarify, that's a problem with idea of authorized senders,
not the suggestion that IF you attempt to authorize IPs, then you
should do it on a single IP rather than the trying to get the whole range.


The way SMTP works currently, authorized sender lists are
only useful to identify email that is very likely to be from the
domain in question, and not useful in identifying email that is not.  
In other words, one should use it only to accept an email, 
not to reject it.  (Or make it more likely to be accepted).
I think the value of being able to whitelist an email is not as 
great as the problem of people who incorrectly chose to 
reject email for failure, but I'm neither sure nor certain.
Perhaps if it was limited to system messages, 
or certain privileged accounts like postmaster or mailer_daemon 
then it might have greater value.

Scott Nelson <scott(_at_)spamwolf(_dot_)com>
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg