Yes I know it's too early to discuss DNA, but ideas don't arrive
according to a timetable :-)
At the moment accreditation and reputation lookup keys in DNA take the
simple form of <HELO name>.<DNA service>. I think it would be useful to
make them more elaborate: <HELO>.<reversed addr>.<IP version>.<service>.
For example:
ppsw-0.csi.cam.ac.uk.130.8.111.131.ip4.blacklist.example
sesame.csx.cam.ac.uk.a.8.5.a.9.0.e.f.f.f.c.0.e.0.2.0.0.8.0.8.0.0.2.0.0.6.3.0.1.0.0.2.ip6.blacklist.example
This would allow some interesting services to be implemented, for example:
* It can be used for IP-based and/or HELO-based listings.
* The DNA service can implement CSA on behalf of the SMTP receiver.
* The DNA service can implement non-CSA authentication of the SMTP client
for legacy sites.
* The DNA service can combine multiple functions into a single
query/response exchange from the SMTP server.
SMTP servers are often based on many short-lived processes, which aren't
effective at cacheing DNS information. This could significantly reduce the
amount of DNS traffic generated by the SMTP server.
The disadvantage of this idea is that the lookup key will often contain
redundant information, which could cause DNS caches to be clogged up with
multiple names where only one is needed.
Tony.
--
f.a.n.finch <dot(_at_)dotat(_dot_)at> http://dotat.at/
THE WASH TO NORTH FORELAND: SOUTHWEST 5 TO 7, OCCASIONALLY GALE 8 LATER. RAIN
OR SHOWERS. MODERATE OR GOOD. MODERATE OR ROUGH.