ietf-asrg
[Top] [All Lists]

Re: [Asrg] 0.General - News Article - NYT Reports Porn Spam Hijacking Network

2003-07-11 12:43:25
Alan DeKok wrote:

...
------
3.1 Designation Record Template

The template for the DNS records is:

      ${IPS}.${IPV}.relays._email_.${DOMAIN}.   IN   ${TYPE}   ${IP}

   With:

   ${IPS}
      The textual representation of the IP address.
------

  that would be better with it as the *reverse* of the address.  This
allows DNS administrators to better deal with address ranges.  At
which point, it's very similar to:

The representation was chosen to NOT allow trivial wildcarding to large
ranges since, otherwise, the malware authors would wildcard the entire
IP address space. And an observation, even large mail sites have a finite
number of MTAs and those MTAs already have several individual DNS records.


  http://ietf.org/internet-drafts/draft-fecyk-dsprotocol-03.txt

  In addition, it suffers from the same DNS related problems as RMX,
and draft-fecyk-dsprotocol-03.txt.  This isn't to say it's broken,
it's just imperfect.

Unlike DMP, RMX, and SPF, DRIP uses the domain name from the HELO/EHLO
SMTP command, the others use the domain name from the envelope FROM
address.

DMP, RMX, and SPF all require envelope rewriting, DRIP does not.


Raymond S Brand

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg