ietf-asrg
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Asrg] Re: article: port 25 blocking

2005-04-12 20:31:15
from [Frank Ellermann] [Permanent Link] 
Markus Stumpf wrote:


MX != outgoing SMTP


Actually it's "MX is not necessarily an / the outgoing SMTP".

It would be nice to have "MX == RMX", for starters it would
make SPF (the baroque form of RMX) unnecessary.  Ignoring the
"use A if no MX" loophole in this fantasy.

Maybe it was once meant this way, "Mail eXchanger" sounds like
"those who can receive can also send, and vice versa".


the IP address you use for a smart/relay may be totally
different from that the outgoing IP of that server is.


mail2.hamburg.de != frontend-1.hamburg.de, guessing the RMX is
certainly not always trivial.  And the SPF wizard is a script,
like all scripts it's rather stupid.


changing the IP address of an outgoing MTA of an ISP requires
ALL zones that list (or don't yet) that IP address in the SPF
records to be changed.


Depends.  First of all you can use a:frontend-1.hamburg.de and
then the IP can be changed without changing the sender policy.

And if you're a customer of an "SPF-aware" mail provider you'd
simply include:my.1st.mail.provider.example etc., it's then
their business to keep their SPF record up to date.

"All" foobar.claranet.de use a "v=spf1 redirect=claranet.de",
if something has to be changed it's only the latter.  That's
not precisely an optimal example, because that "all" is only
one wildcard for all vanity domains like foobar or xyzzy, but
let's say that the SPF "zone cut" idea changed twice (it will
be removed in the next draft, and it was never implemented).


note that adding one for the domain is NOT enough, you have
to add SPF records for all RRs in that domain


 From his POV only those FQDNs below netzero.com are relevant
that have an MX (or an A with a smtpd), e.g. mail.netzero.com
or pop.netzero.com

 From the POV of a receiver adding CSV and its "quasi-zone-cut"
could help as far as forged netzero-HELOs not covered by SPF
are concerned.  Claims that _one_ scheme, SPF / CSV / MTAMARK /
port-25-blocks / 2476-enforced-submission-rights / ... solves
_all_ spam related problems are just wrong.

                            Bye, Frank
-- 
http://www.cbronline.com/article_news.asp?guid=44D2955C-3C04-4BA1-AC45-AF8277B8B455



_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Asrg] Re: article: port 25 blocking, Frank Ellermann
Next by Date:  RE: [Asrg] article: port 25 blocking, Daniel Feenberg
Previous by Thread:  RE: [Asrg] article: port 25 blocking, George Ou
Next by Thread:  [Asrg] Re: article: port 25 blocking, Frank Ellermann
Indexes:  [Date] [Thread] [Top] [All Lists]