
[ietf-clear] Getting CSV ready for prime time

2004-12-01 06:58:34

----- Original Message ----- 
From: "Tony Finch" <dot(_at_)dotat(_dot_)at>
To: "John R Levine" <johnl(_at_)iecc(_dot_)com>
Cc: <ietf-clear(_at_)mipassoc(_dot_)org>
Sent: Wednesday, December 01, 2004 10:22 AM
Subject: Re: [ietf-clear] Getting CSV ready for prime time


On Wed, 1 Dec 2004, John R Levine wrote:

The disadvantage of the A lookup, beyond the theological issue that RFC
2821 says not to verify the HELO name for reasons that I think have long
faded into irrelevance, is that it forces the HELO namespace to match the
real namespace.

A very large proportion of legitimate email senders use broken HELO
domains. Most commonly they use private names, or unqualified names, etc.
It isn't possible on a real-world SMTP server to require that SMTP clients
have a valid A record for their HELO domains. This also allows attackers
to say EHLO nonexistent.cam.ac.uk in order to prevent the SMTP server from
searching for the cam.ac.uk CSA SRV record.


Tony, do you believe the majority of broken HELO domains are from MUAs or
MSAs?

It is my opinion that "almost all" MSAs have legitimate HELO/EHLO domains.
The proliferation of anti-spam software using the HELO domain for a
rudimentary DNS sanity check has gone a long way to fix this problem. If
this is a bad assumption, we are in a world of hurt.

MUAs are mostly broken (thanks to Windows/MS). I always assumed people will
need to relay from an MUA to a known MSA (via SMTP AUTH). CSV would only
get in the way here. I didn't plan on checking CSV records for any
"authorized" connections.

Even if the MUA had a legit HELO domain, I might argue setting its SRV
records to "not allowed to send". There is no need for an MSA to check CSV
if it only accepts authenticated mail (via SMTP AUTH or whatever). So if
that MUA host had a "trojan MTA", it would not be allowed to send mail using
the local domain.