Re: [Asrg] What are the IPs that sends mail for a domain?
2009-06-20 15:20:35
Douglas Otis wrote:
SMTP is heavily abused, and soon IPv6 is about to become a necessity.
To remain practical, connectivity must be based upon _immediate_ and
_stable_ evidence of legitimate email operation, and not upon any number
of authorization transactions. Each additional transaction to support
an authorization scheme will be multiplied by the typical number of
attempts made by abusive senders. This means providers need to exclude
problematic users, and not become a task pushed toward recipients. Such
pushing is not practical and often leads to unfortunate mistakes.
What do you mean by "problematic users"? Providers of residential
cables, WiMAX, and similar connections could block or redirect port
25, just like most universities and companies do. They used to do it,
as long as they provided mailboxes as a bonus and ISP and ESP were
synonyms. Submission port 587 is not yet universally employed, and
some customer may not accept to be unable to reach their favorite
server's ports 25 or 465. "Blocking port 25 except for a set of
servers used for submission" is not something that can be easily
defined and maintained by ISPs, IMHO.
OTOH, sender identification by domain could also be a way to attribute
responsibility. Strictly speaking, it is not necessary to use a domain
in order to send as an SMTP client. However, in practice one needs an
email address to do any legitimate use of SMTP, and hence a domain is
required.
Schemes that pass accountability onto what might be feckless domain
owners are inherently evil.
I disagree, _provided_ accountability is actually passed on.
+1
The fact that a trusting and naive user had their domain authorize a
provider just to have their email accepted, does not mean other messages
emitted might not be mistaken as also belonging to that user's domain.
Should providers check for SPF or Sender-ID compliance? How many SLA
include this requirement? When the "passing-on" is based upon
receptions at spam traps, acceptance reliance based on "authorization"
is likely to downgrade acceptance of the domain, especially when A-R
headers exclude the IP address of the provider. Will providers really
care the wrong entity had been blamed?
You can never know whether that domain's owners are really so foolish
to trust a criminal provider, rather than participating accessories.
Assuming their bad faith, one should downgrade acceptance of their domain.
What you appear to be thinking of is not accountability but mere
identification (albeit moderately strong identification).
Moderately strong? Without knowing the IP address of the provider, it
would be extremely foolish to conclude any level of identification
assurance, especially "moderately strong".
IMHO, the domain registrants (resulting from whois records) provide an
identification that is comparable in strength, but finer in granularity.
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
<Prev in Thread] |
Current Thread |
[Next in Thread>
|
- Re: [Asrg] What are the IPs that sends mail for a domain?, (continued)
- Re: [Asrg] What are the IPs that sends mail for a domain?, Douglas Otis
- Re: [Asrg] What are the IPs that sends mail for a domain?,
Alessandro Vesely <=
- Re: [Asrg] What are the IPs that sends mail for a domain?, Franck Martin
- Re: [Asrg] What are the IPs that sends mail for a domain?, Steve Atkins
- Re: [Asrg] What are the IPs that sends mail for a domain?, Paul Russell
- Re: [Asrg] What are the IPs that sends mail for a domain?, David Nicol
- Re: [Asrg] What are the IPs that sends mail for a domain?, Steve Atkins
- Re: [Asrg] What are the IPs that sends mail for a domain?, Alessandro Vesely
- Re: [Asrg] What are the IPs that sends mail for a domain?, Bill Cole
- Re: [Asrg] What are the IPs that sends mail for a domain?, John Levine
- Re: [Asrg] What are the IPs that sends mail for a domain?, Alessandro Vesely
- Re: [Asrg] What are the IPs that sends mail for a domain?, John Leslie
|
|
|