ietf-asrg

Re: [Asrg] DNSBL and IPv6

2012-10-21 16:37:14
On 2012-10-20 07:25:04 -0700, Bart Schaefer wrote:
> On Oct 20,  9:30am, Peter J. Holzer wrote:
> }
> } Is there a reason why a legitimate MTA (talking to MXs, not submission
> } servers) would want to hop around in its net?
>
> A legitimate MTA could still be running in a dynamically-assigned space.
> In this case it might hop all over the space but probably wouldn't hop
> very frequently.

By "dynamically-assigned space" do you mean a dynamically assigned
address within a /64 (either by DHCP or by privacy extensions)? If so, I
already mentioned that and yes, I think it doesn't change fast enough to
make greylisting infeasible (but frequently enough to make it annoying).

If you mean that an ISP is assigning a different /64 to the same
customer periodically (some privacy evangelists are demanding that this
should be the default), then this would probably be done even less
frequently, and this would most likely be treated the same as
dynamically assigned space today (i.e. very likely to be a zombie, not a
legitimate MTA).


> A single MTA host might have multiple NICs each with its own IP, and not
> always choose the same interface for the same MX on retry.  Here it might
> hop quite a lot, but among a limited number of choices.

An IP stack might also choose IP addresses at random or in a round robin
fashion if the interface has several. That could be a problem.

        hp

-- 
   _  | Peter J. Holzer    | One's own mind still feels razor-sharp.
|_|_) | Sysadmin WSR       | But the rest of the world gets it less
| |   | hjp(_at_)hjp(_dot_)at         | and less.
__/   | http://www.hjp.at/ |   -- Matthias Kohrs in desd




_______________________________________________
Asrg mailing list
Asrg(_at_)irtf(_dot_)org
http://www.irtf.org/mailman/listinfo/asrg
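
The greylisting concern raised in this message, as an added sketch that is not part of the original post: it replays two constructed retry schedules against a greylist keyed on the exact IPv6 address and against one keyed on the covering /64. The Greylist class, the 300-second delay, the sender and recipient addresses and the documentation-prefix client addresses are all assumptions made for illustration.

```python
import ipaddress

class Greylist:
    """Defer the first attempt of a (client, sender, rcpt) triplet; accept a
    retry of the same triplet once min_delay seconds have passed."""

    def __init__(self, v6_prefix_len=128, min_delay=300):
        self.v6_prefix_len = v6_prefix_len  # 128 = exact address, 64 = whole subnet
        self.min_delay = min_delay          # assumed value, not from the thread
        self.first_seen = {}

    def client_key(self, ip):
        addr = ipaddress.ip_address(ip)
        if addr.version == 6:
            # Collapse the address to its covering prefix before using it as a key.
            net = ipaddress.ip_network(f"{addr}/{self.v6_prefix_len}", strict=False)
            return str(net)
        return str(addr)

    def check(self, ip, sender, rcpt, now):
        key = (self.client_key(ip), sender.lower(), rcpt.lower())
        first = self.first_seen.setdefault(key, now)
        return "accept" if now - first >= self.min_delay else "defer"

def replay(greylist, attempts, sender="a@example.org", rcpt="b@example.net"):
    """Feed (time, client_ip) delivery attempts to the greylist; return verdicts."""
    return [greylist.check(ip, sender, rcpt, t) for t, ip in attempts]

# Constructed retry schedules (RFC 3849 documentation prefix), not real traffic.
# One MTA retrying from a different address inside the same /64 each time:
HOP_WITHIN_64 = [(0, "2001:db8:1:2::a1"),
                 (600, "2001:db8:1:2:3c4d:5e6f:7a8b:9c0d"),
                 (1800, "2001:db8:1:2::ffff")]
# A sender whose /64 itself changes between attempts:
HOP_ACROSS_64 = [(0, "2001:db8:1:2::a1"),
                 (600, "2001:db8:1:3::a1"),
                 (1800, "2001:db8:1:4::a1")]

if __name__ == "__main__":
    for name, sched in (("within /64", HOP_WITHIN_64), ("across /64s", HOP_ACROSS_64)):
        for plen in (128, 64):
            print(f"{name:12} key=/{plen:<3} ->", replay(Greylist(plen), sched))
```

With exact-address keys the retries from inside one /64 never match the first attempt; with /64 keys they do, while a sender whose /64 changes between attempts stays deferred under both keyings.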