Jukka Inkeri <use(_dot_)signature(_dot_)asrg(_at_)awot(_dot_)fi> wrote:
Take a look at the LMAP, RMX, DMP, SPF proposals:
...
I have read those proposal (quickly), but if I have understood correct,
all those ideas based on domain attributes and define new attributes
using domain database, not real net/ip checking using reverse dns
attributes as I like todo, same way as all other security / access has
mostly defined, ip based priviledges. This is only worldwide "trusted ip
list".
Then you completely missed the point of the proposals.
None of them claim to have a "worldwide trusted IP list". Instead,
they determine if a domain has authorized an MTA at an IP to use its
name. That's a completely different problem than what you're talking
about.
My idea is check senders ip and priviledges to use smtp, not reading
protocol headers. My idea is control connection (ip) using reverse dns
lookup database, not dns lookup.
Which is substantially similar to the proposals listed above.
See also the MTAMark proposal, which lists MTA's in in-addra.arpa
Alan DeKok.
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg