On Tue, Jun 16, 2009 at 11:36:37PM -0400, Bill Cole wrote:
> That said, I think that adding DNS records that map specific network
> addresses to their legitimate behaviors in a generalized model would be a
> positive advance.

+1. For instance, I (semi-seriously, semi-facetiously) proposed "XM"
records some years ago, whose value would be 0 or 1: hosts with 1 send
SMTP traffic, hosts with 0 don't. Thus every MX's behavior could be
to reject all port 25 SMTP connections from hosts with XM=0.
There are a lot of problems with this idea, and if memory serves, both
Dave Crocker and John Levine pointed them out at the time. But I think
that perhaps it's time to revisit the general concept and see if it
could be made to work for (as Bill said) "legitimate behaviors in a
generalized model". This would not only allow us to address SMTP abuse,
but (for example) zombie hosting of DNS and HTTP servers.
---Rsk
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg