On Sun 13/May/2012 20:13:44 +0200 Chris Lewis wrote:
On 12-05-13 01:21 PM, Alessandro Vesely wrote:
That seems to imply that it is necessary to use scripts to keep helo
names, IP addresses, and SPF in sync. Would that be worth?
The reality is going to be is that since it relies on SPF to be valid,
few people would bother implementing it on the sending side, and there
will be more than enough people ignoring the requirement to SPF verify
before trusting it, that kabooms! will still happen.
So it would be an error-prone technique? We are talking about
/postmasters/ extracting target addresses for abuse reporting, not end
users. Shouldn't that imply some knowledge?
SPF records are going to sport a new ra= modifier, specifying an
address for reporting authentication failures, not abuse. That may
bring further confusion, in fact.
There are other ways of doing this that doesn't require ancillary gunk
like SPF. There's at least one IP-based DNSBL that yields the same data.
Which one do you mean? DNS lists like abusix get their data from
RIRs' whois databases. In that case, virtual MTA providers would have
to restrict their choice of network providers based on proper
management of whois records, besides cost, bandwidth, uptime, support, ...
_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg