ietf-asrg

Re: [Asrg] What are the IPs that sends mail for a domain?

2009-06-16 20:24:36

On Jun 16, 2009, at 3:55 PM, John Levine wrote:

How do I find out if I have blocked the domain from sending to my server? Meaning, knowing the domain name of the sender, how do I find the IPs from which the mail could be sent? It seems that SPF is the only tool to provide that answer?

Unless you have previous mail from the domain, I would agree SPF is your best bet.

This is not your only bet. Many SPF records include the term MX and, when not found, even default to using MX/24.

Another related problem is linked to IPv6 and RBLs. Building an IPv6 RBL could lead to a huge database. Sure, you can alleviate this by using "wildcards", but why not use reverse DNS resolution to add a TXT record associated with the IP to indicate that the IP is that of a mail server? So any IP that does not have this record would be blocked for SMTP.

We've had a variety of proposals to identify mail client hosts. See http://mipassoc.org/csv/

The CSV effort proved most providers do not want their MTAs identified as belonging to them, even when it could improve email acceptance. This might be especially true now after their support staff has been reduced.

Reverse DNS is already causing a large amount of resources to be wasted by the shabby state of the reverse name space. Incorrectly configured RFC 2317 delegation, and many non-functional servers are causing MTAs to rapidly become resource limited when making reverse checks. In addition, when your customers conduct business with Asia, they may not be happy to find email is being lost as a result of geographic differences of opinion about the role that reverse DNS might play with email.

IMHO, all outbound MTAs should be required to return CSV records for their EHLO name and offer MX records for their inbound. A mandate that required MX (inbound) or CSV (outbound) records would greatly help in identifying non-abusive email sources against a backdrop of hundreds of millions of bot-net controlled drones spewing email. Systems may soon use ACLs as a means to white-list safe MTAs. Perhaps the world is a few years from having to go to that extreme.

-Doug



_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
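
Added example, not part of the original thread: one way to answer the question above by expanding a domain's SPF record, including the mx term mentioned in the reply, into the networks it authorizes. The zone data, the domain names and the lookup() hook are constructed stand-ins for real DNS queries; only IPv4 A records are followed for a and mx, and exists, ptr, redirect and all are ignored.

```python
import ipaddress
# Constructed zone data standing in for DNS answers (documentation addresses).
ZONE = {
    ("example.org", "TXT"): ["v=spf1 mx/24 ip4:192.0.2.128/28 include:_spf.example.net -all"],
    ("example.org", "MX"): ["mx1.example.org"],
    ("mx1.example.org", "A"): ["198.51.100.25"],
    ("_spf.example.net", "TXT"): ["v=spf1 ip6:2001:db8:25::/48 a:out.example.net ~all"],
    ("out.example.net", "A"): ["203.0.113.7"],
}

def lookup(name, rtype):
    """Hypothetical resolver hook; replace with real DNS queries."""
    return ZONE.get((name.lower().rstrip("."), rtype), [])

def hosts_to_nets(hosts, prefix):
    return {ipaddress.ip_network(f"{addr}/{prefix}", strict=False)
            for host in hosts for addr in lookup(host, "A")}

def sender_networks(domain, depth=0):
    """Networks that the domain's SPF record marks as permitted senders."""
    if depth > 10:  # guard against include loops
        raise RecursionError("SPF include chain too deep")
    records = [t for t in lookup(domain, "TXT") if t.lower().split()[:1] == ["v=spf1"]]
    if len(records) != 1:  # no policy, or an ambiguous one
        return set()
    nets = set()
    for term in records[0].split()[1:]:
        term = term.lstrip("+")
        if not term or term[0] in "-~?":  # only "pass" terms authorize a sender
            continue
        mech, _, arg = term.partition(":")
        mech = mech.lower()
        if mech in ("ip4", "ip6"):
            nets.add(ipaddress.ip_network(arg, strict=False))
        elif mech == "include":
            nets |= sender_networks(arg, depth + 1)
        else:  # a / mx, with optional target domain and IPv4 prefix length
            spec, _, prefix = (arg or mech).partition("/")
            target = spec if arg else domain
            mech = mech.partition("/")[0]
            if mech == "a":
                nets |= hosts_to_nets([target], prefix or "32")
            elif mech == "mx":
                nets |= hosts_to_nets(lookup(target, "MX"), prefix or "32")
    return nets

def may_send(domain, ip):
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in sender_networks(domain))
```

A domain with no SPF record yields an empty set, which is the case where the thread falls back to MX records or previously seen mail.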