ietf-asrg

Re: [Asrg] Re: 6 - Designated Relays Inquiry Protocol (DRIP)

2003-06-29 12:22:37
On Sun, Jun 29, 2003 at 03:15:26PM -0400, Yakov Shafranovich wrote:
At 11:11 AM 6/29/2003 -0400, Richard Rognlie wrote:

On Sun, Jun 29, 2003 at 02:55:33PM -0400, Yakov Shafranovich wrote:
At 01:21 PM 6/28/2003 -0400, Raymond S Brand wrote:

The June 24 DRIP document has a problem with the use of DNS
wildcard records. Attached is an updated DRIP document and
a diff of the important changes between the two documents.
[..]

  The Designated Relays Inquiry Protocol, DRIP, is a method for domain
  name owners to specify the IP addresses that are authorized to relay
  mail as a domain name in the SMTP HELO and EHLO commands. The
  protocol provides a method for server MTAs to reject SMTP connections
  from IP addresses not authorized to use the domain name given in the
  SMTP HELO and EHLO commands.
[..]

How is this proposal different from the RMX proposal by Hadmut Danisch
(http://www.ietf.org/internet-drafts/draft-danisch-dns-rr-smtp-02.txt) and
the various other rDNS proposals (see Mike Rubel's page at
http://www.mikerubel.org/computers/rmx_records/)?

RMX (et al) deal with the envelope from address.  This proposal has
nothing to do with the envelope.  It is an attempt to sanitize the
hostname specified as the HELO/EHLO when connecting to a remote
MTA.
[..]

Dealing with the return envelope has its own problems (DSN messages with 
empty MAIL FROM <>) so it seems that dealing with the HELO/EHLO is better. 
BUT, the bottom line is that both proposals are DNS based and propose 
additional DNS records. Whether the filtering is done on HELO/EHLO level or 
return envelope is something to be left to the implementers. Both 
proposals are basically the same - they are mandating DNS records.

Just additional records.  Not any additional record types.
And as such, we are not at the mercy of waiting for any particular
flavor of BIND to work its way out into the mainstream.

FWIW, this is part 1 of 2 proposals.    Ray (and his hearty band of cohorts)
will be working on the 2nd part [formalizing it] soon.   It will be
working on the validity of the headers (not the env-from, but the
*whole* bunch of headers).  But I'll leave its discussion to him.  

It's *verra nice...*

-- 
 /  \__  | Richard Rognlie / Oracle Prophet / Gamerz.NET Lackey
 \__/  \ | http://www.gamerz.net/rrognlie/    <rrognlie(_at_)gamerz(_dot_)net>
 /  \__/ | The past is the future
 \__/    |                  Nobody expects the spammish inquisition

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg