ietf-asrg
[Top] [All Lists]

Re: [Asrg] Re: 6. Proposals - rDNS and rMX

2003-11-29 08:44:25
Markus Stumpf <maex-lists-spam-ietf-asrg(_at_)Space(_dot_)Net> wrote:
Now there is another company, let's call it example.ORG. They do not
have LMAP records in place, so any MTA will accept messages with
addresses @example.ORG from any IP. It will accept the messages also
from 10.0.1.0/32, even if I use LMAP. So if a workstation in my
net is compromised it can be abused as a spam relay. Same holds for
viri.

  Absolutely.  That isn't a problem that LMAP is trying to solve.  The
spammers can forge association with example.ORG, because the admins of
that domain have agreed to permit such forgery.

  You're responsible for the use of your own network, but you're not
responsible for abuse of another domain name.

  The MTAMark proposal addresses the problem of "owned" machines
originating SMTP traffic.  But I don't recall if it includes
information about which domain that MTA can claim association with.
That would be hard, as some IP's host hundreds of thousands of
domains.

  The two proposals are related, but solve different problems.

  Alan DeKok.

_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg