ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

reverse DNS; RE: [Asrg] RMX proposals and Nash Equilibrium

2003-05-05 15:32:43
from [Bob Atkinson] [Permanent Link] 
Reverse DNS has two quite important situations in which it does not
easily (if ever) give appropriate answers for use in spam deterrence.

1) If I host my own DNS servers, and have no DNS relationship with my
ISP, then (typically, if not mostly) the rDNS lookup will ultimately go
to him but have no means by which it can connect to my DNS servers and
thus give a meaningful response. As a result, the rDNS lookup yields
answers like

        dsl-209-123-212-68.myisp.com

rather than something related to the email domains that I actually send
from.

2) If, for one of possibly many reasons, I legitimately relay my
outbound mail through some other domain, then it becomes
administratively very cumbersome (if not logistically impossible,
pragmatically speaking) to have the rDNS lookup resolve to something in
my domain (in addition to the one through which I am relaying, and all
the others he relays for).

RMX-style proposals, which start their lookup at the domain purportedly
responsible for a message, don't suffer from these shortcomings.
(indeed, they can nicely leverage the existing administrative
infrastructure that I necessarily have to mange my MX records). This is
an important advantage.

Ultimately, these approaches yield the same information, namely an
answer to the question: "is this IP address authorized by the admin of
this domain to transmit mail on behalf of that domain". While the
spoofing that this prevents is VERY interesting and useful, it is, in
and of itself, of course not something that will eliminate spam.
Additional infrastructure is needed above and beyond RMX.

        Bob


-----Original Message-----
From: asrg-admin(_at_)ietf(_dot_)org [mailto:asrg-admin(_at_)ietf(_dot_)org] On 
Behalf Of Eric
D. Williams
Sent: Saturday, May 03, 2003 6:16 PM
To: 'Daniel Feenberg'; asrg(_at_)ietf(_dot_)org
Subject: RE: [Asrg] RMX proposals and Nash Equilibrium

All of these are valid points to argue, but without addressing a
fundemental 
point (not described in most) RMX proposals from my understanding.  That
is, 
DNS can also be used to validate an IP reverse map so that not only the
domain 
is checked but also the IP.  In that case, IMHO, one could argue that an

additional check for IP origination or relay of delivery would mitigate
the 
concerns.

I could definitely be wrong but that always sticks out to me as a 
mis-understanding of that type of proposed solution/strategy.  I don't
think 
the forwarder of mail has to be penalized for forwarding if they are
properly 
registered in the forwarding path (open-relays are another matter in my 
opinion) and are no longer used in the historical context (helping a 
brother/sister system out).


_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Asrg] seeking comments on new RMX article, Dave Crocker
Next by Date:  RE: [Asrg] seeking comments on new RMX article, Eric D. Williams
Previous by Thread:  [Asrg] Requirements for anti-spam systems, Alan DeKok
Next by Thread:  RE: reverse DNS; RE: [Asrg] RMX proposals and Nash Equilibrium, Eric D. Williams
Indexes:  [Date] [Thread] [Top] [All Lists]