On Thu, Nov 27, 2003 at 11:43:32AM -0500, Yakov Shafranovich wrote:

Copy can be found here:
http://asrg.kavi.com/apps/group_public/download.php/16/draft-irtf-asrg-mtamark-00.txt

Many people prefer the LMAP proposals that deal with regular "forward"
DNS to the MTA mark proposal that uses reverse DNS, because a usual
domain owner has control over regular DNS and does not have control over
reverse DNS.

That's a very important point.

On the other hand, it's IP space owners (er, delegees?) who often
bear the brunt of complaints about how their space is used, and
giving them some degree of authority is not necessarily bad. It's
not like every proposal provides a complete answer: if one piece
of the puzzle is to give IP space maintainers some say, then that
may be one more positive step.

I am curious (though I can guess, see below) why MTAMark chooses to
overload the TXT result from a single DNS record rather than using DNS
in a more natural way. For an address 10.0.0.1 MTAMark shows an
example like:

    $ORIGIN 0.0.10.in-addr.arpa.
    1               IN PTR  mail.example.com.
    1               IN TXT  "ASRG.MTA=yes"
    1               IN TXT  "ASRG.CONTACT=mailto:abuse@example.com"
    etc

whereas it would seem to me more natural to use subdomaining:

    $ORIGIN 0.0.10.in-addr.arpa.
    1               IN PTR  mail.example.com.
    mta.1           IN TXT  "yes"
    contact.mta.1   IN TXT  "mailto:abuse@example.com"

making it easier to retrieve individual result records without
overloading the results, sifting through and parsing the results,
worrying about oversized DNS records, etc.

My guess is that the proposal wants to include wildcards, but if that's
the case I think that's not a great tradeoff, nor does it address anything
smaller than /24 delegations (e.g. RFC2317). Besides, one could always
handle the /24 wildcard entry in another way, such as:

    $ORIGIN 0.0.10.in-addr.arpa.
    ; default txt record(s) for this zone
    mta             IN TXT  "no"
    ; specifics per IP
    1               IN PTR  mail.example.com.
    mta.1           IN TXT  "yes"
    contact.mta.1   IN TXT  "mailto:abuse@example.com"

Interestingly, an extended version of this sort of scheme could
conceivably do away with the dyndns style dnsbls voluntary
registrations.

mm
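
The two lookup styles compared in the message above, as an added example that is not part of the original message or of the MTAMark draft. The zone contents are constructed from the message's snippets, the function names are hypothetical, and the client-side fallback to the enclosing /24 is an assumption about how the "default txt record" would be found.

```python
import ipaddress

# Constructed zone contents (not real DNS data), keyed by (owner name, type).
SUBDOMAIN_ZONE = {
    ("mta.0.0.10.in-addr.arpa.", "TXT"): ["no"],  # zone-wide default
    ("1.0.0.10.in-addr.arpa.", "PTR"): ["mail.example.com."],
    ("mta.1.0.0.10.in-addr.arpa.", "TXT"): ["yes"],
    ("contact.mta.1.0.0.10.in-addr.arpa.", "TXT"): ["mailto:abuse@example.com"],
}
OVERLOADED_ZONE = {
    ("1.0.0.10.in-addr.arpa.", "PTR"): ["mail.example.com."],
    ("1.0.0.10.in-addr.arpa.", "TXT"): [
        "some unrelated text record",  # constructed: other TXT data at the name
        "ASRG.MTA=yes",
        "ASRG.CONTACT=mailto:abuse@example.com",
    ],
}

def reverse_name(ip):
    """10.0.0.1 -> 1.0.0.10.in-addr.arpa. (IPv4 only in this sketch)."""
    return ipaddress.IPv4Address(ip).reverse_pointer + "."

def query(zone, name, rtype="TXT"):
    """Stand-in for a DNS lookup; an empty list means no such record."""
    return zone.get((name, rtype), [])

def overloaded_lookup(zone, ip, key):
    """MTAMark style: fetch every TXT at the address, then sift for KEY=."""
    for txt in query(zone, reverse_name(ip)):
        if txt.startswith(key + "="):
            return txt[len(key) + 1:]
    return None

def subdomain_lookup(zone, ip, label="mta"):
    """Subdomain style: ask for label.<ip>, then label.<zone> as the default.
    Assumes the zone is the enclosing /24, so one leading label is dropped;
    an RFC2317 delegation would need a different parent name."""
    host = reverse_name(ip)
    parent = host.split(".", 1)[1]
    for name in (f"{label}.{host}", f"{label}.{parent}"):
        answer = query(zone, name)
        if answer:
            return answer[0], name
    return None, None
```

The second element of the tuple returned by `subdomain_lookup` shows whether the answer came from the per-IP record or from the zone default.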