ietf-asrg

Re: [Asrg] Re: 6 - Designated Relays Inquiry Protocol (DRIP)

2003-06-29 12:25:38
At 11:21 AM 6/29/2003 -0400, Richard Rognlie wrote:

On Sun, Jun 29, 2003 at 03:15:26PM -0400, Yakov Shafranovich wrote:
> At 11:11 AM 6/29/2003 -0400, Richard Rognlie wrote:
>
> >On Sun, Jun 29, 2003 at 02:55:33PM -0400, Yakov Shafranovich wrote:
> >> At 01:21 PM 6/28/2003 -0400, Raymond S Brand wrote:
> >>
> >> >The June 24 DRIP document has a problem with the use of DNS
> >> >wildcard records. Attached is an updated DRIP document and
> >> >a diff of the important changes between the two documents.
> >> >[..]
> >> >
> >> >   The Designated Relays Inquiry Protocol, DRIP, is a method for domain
> >> >   name owners to specify the IP addresses that are authorized to relay
> >> >   mail as a domain name in the SMTP HELO and EHLO commands. The
> >> >   protocol provides a method for server MTAs to reject SMTP connections
> >> >   from IP addresses not authorized to use the domain name given in the
> >> >   SMTP HELO and EHLO commands.
> >> >[..]
> >>
> >> How is this proposal different from RMX proposal by Hadmut Danisch
> >> (http://www.ietf.org/internet-drafts/draft-danisch-dns-rr-smtp-02.txt) and
> >> the various other rDNS proposals (see Mike Rubel's page at
> >> http://www.mikerubel.org/computers/rmx_records/).
> >
> >RMX (et al) deal with the envelope from address.  This proposal has
> >nothing to do with the envelope.  It is an attempt to sanitize the
> >hostname specified as the HELO/EHLO when connecting to a remote
> >MTA.
> >[..]
>
> Dealing with the return envelope has its own problems (DSN messages with
> empty MAIL FROM <>) so it seems that dealing with the HELO/EHLO is better.
> BUT, the bottom line is that both proposals are DNS based and propose
> additional DNS records. Whether the filtering is done on HELO/EHLO level or
> return envelope is something to be left to the implementers. Both
> proposals are basically the same - they are mandating DNS records.

Just additional records.  Not any additional record types.
And as such, we are not at the mercy of waiting for any particular
flavor of BIND to work its way out into the mainstream.

Would it be logical to combine all the RMX/RDNS/etc proposals into one cohesive document?

FWIW, this is part 1 of 2 proposals.    Ray (and his hearty band of cohorts)
will be working on the 2nd part [formalizing it] soon.   It will be
working on the validity of the headers (not the env-from, but the
*whole* bunch of headers).  But I'll leave its discussion to him.

Thanks for the information.
