Vernon Schryver <vjs(_at_)calcite(_dot_)rhyolite(_dot_)com> wrote:
Note that:
- An authorized SMTP client need not be an SMTP server. While its
IP address will found by other SMTP clients looking for an SMTP
server for the domain, its preference will be numerically higher
than all working SMTP servers. Only when all other SMTP servers
are also not working will SMTP clients try to send to it. They
will immediately receive and ICMP Port Unreachable and give up.
If the client machine is configured correctly. Many systems will be
listening on port 25 by default, and will undergo additional expense
before the connection is terminated. (That's arguably their problem,
and unrelated to this proposal.)
Also, spammers hit all MX's for a domain, so they will hit the
listed MX's for senders too, which may be seen as an additional
feature of this proposal over RMX.
- This scheme is better than the RMX proposal because it has achieves
the same goal, does not require the standardization and implementation
of a new DNS RR in DNS server software and MTAs. It requires
only small changes in system administration conventions and modest
changes in MTAs.
I agree, but reserve judgment as to "better".
- I do not like this scheme, because I do not agree with the goal of
forcing people to use the same going as incoming ISPs.
I do not believe that's a goal of this proposal, or of RMX. The
goal is to provide accountability. A side-effect of methods used to
achieve that goal may be that some people are forced to change their
network behaviour. My response is that it's no longer 1983: the
network has changed, and our behaviour will likely have to change,
too.
The benefit that RMX has over this proposal is that "wildcard" RMX
records can be added to domains, where the DNS administrator responds
that entire networks have consent to send "from" that domain. In
contrast, since MX records must be 'A' records in DNS, this proposal
must explicitely list every IP in a network to acheive the same
effect.
Alan DeKok.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg