
[ietf-clear] Getting CSV ready for prime time

2004-12-01 06:22:29
On Wed, 1 Dec 2004, John R Levine wrote:

> The disadvantage of the A lookup, beyond the theological issue that RFC
> 2821 says not to verify the HELO name for reasons that I think have long
> faded into irrelevance, is that it forces the HELO namespace to match the
> real namespace.

A very large proportion of legitimate email senders use broken HELO
domains. Most commonly they use private names, or unqualified names, etc.
It isn't possible on a real-world SMTP server to require that SMTP clients
have a valid A record for their HELO domains. This also allows attackers
to say EHLO nonexistent.cam.ac.uk in order to prevent the SMTP server from
searching for the cam.ac.uk CSA SRV record.

Regarding John Leslie's comments, I don't see much value in an
authorization scheme that says either "yes" or "maybe". CSV really needs
a mechanism for admins to specify default-"no" for all their subdomains.

Regarding attacks of the form EHLO a.b.c.d.e.f.g, why not specify that the
SMTP server must be able to find a CSA SRV record within 3 lookups? If the
server doesn't find the SRV for _client._smtp.d.e.f.g it can give up and
assume there isn't one. Three levels should be enough for all real world
domains.

Tony.
-- 
f.a.n.finch  <dot(_at_)dotat(_dot_)at>  http://dotat.at/
MALIN HEBRIDES: NORTHEAST 4 OR 5 INCREASING 6. RAIN LATER. GOOD BECOMING
MODERATE.
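
The bounded search proposed in the message above, as an added example that is not part of the original post or of any CSV implementation. It assumes the server queries the 2-, 3- and 4-label suffixes of the HELO name, shortest first, so the last query for a.b.c.d.e.f.g is _client._smtp.d.e.f.g. The names candidate_names and find_csa, the ZONE dict standing in for DNS, and the record value are all hypothetical.

```python
PREFIX = "_client._smtp."
MAX_LOOKUPS = 3  # the bound proposed in the message


def candidate_names(helo, max_lookups=MAX_LOOKUPS):
    """Owner names to query: suffixes of the HELO name with 2, 3, ... labels,
    shortest first (assumed order), never more than max_lookups of them."""
    labels = helo.rstrip(".").lower().split(".")
    names = []
    for n in range(2, len(labels) + 1):
        if len(names) == max_lookups:
            break
        names.append(PREFIX + ".".join(labels[-n:]))
    return names


def find_csa(helo, lookup):
    """Return (owner_name, record, queries_made).

    `lookup` is any callable mapping an owner name to a record or None.
    No A lookup on the HELO name is done first, so a nonexistent host
    name under a domain does not stop the search from reaching the
    domain's own record.
    """
    queries = 0
    for name in candidate_names(helo):
        queries += 1
        record = lookup(name)
        if record is not None:
            return name, record, queries
    # Bound reached (or an unqualified name): assume there is no record.
    return None, None, queries


# Constructed zone data; the record value is a placeholder, not CSA syntax.
ZONE = {"_client._smtp.cam.ac.uk": "constructed-default-policy"}

if __name__ == "__main__":
    for helo in ("nonexistent.cam.ac.uk", "a.b.c.d.e.f.g", "localhost"):
        print(helo, "->", find_csa(helo, ZONE.get))
```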