ietf-clear

[clear] non-domain HELOs

2005-03-11 06:31:26
On Fri, 11 Mar 2005, Dave Crocker wrote:

> the first, of course, is to dismiss these occurrences either with a
> simple "that's not within csv's scope" or "they shouldn't be doing that".
> the second is to consider whether csv can/should be changed to
> accommodate some of the occurrences.
> if the latter is preferred, what should we do?

I've already suggested putting CSA records in the reverse DNS, sort of
like MTA Mark. My Exim implementation supports this extension.

Would it be sensible to use the target host name of a reverse DNS CSA
record for looking up the client's rating, so that one gets a forward DNS
domain instead of an IP address? One disadvantage of this idea is that you
lose CSV's parallelism. It also means that you don't have a hostname to
use for the lookup if the client's site doesn't support CSA. Perhaps the
answer in this case is to stick with traditional DNSBLs.

Reverse DNS CSA only partly addresses the problem; one of the common
causes for bogus HELO domain literals is NATting, e.g. EHLO [192.168.0.10],
and it isn't possible to do anything sensible with that kind of domain. It
might be a good idea to use the client's IP address instead, if the domain
literal is in bogon space, but this would be a configuration or
implementation matter rather than something to be included in the
specification.

Tony.
-- 
f.a.n.finch  <dot(_at_)dotat(_dot_)at>  http://dotat.at/
THE MULL OF GALLOWAY TO MULL OF KINTYRE INCLUDING THE FIRTH OF CLYDE AND THE
NORTH CHANNEL: WEST VEERING NORTHWEST 5 TO 7. RAIN THEN SHOWERS. GOOD OR
MODERATE. MODERATE TO ROUGH BUT ROUGH TO VERY ROUGH IN THE NORTH.
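
The fallback suggested in the message above (use the connecting IP address when the HELO domain literal is in bogon space), sketched as an added example that is not part of the original post and is not Exim's code. Assumptions of this example: the function names, the `_client._smtp.` prefix applied to the reverse-DNS name as the CSA query name, the short bogon list, the handling of malformed literals, and the constructed sample addresses.

```python
import ipaddress
import re

# Address literal as sent in HELO/EHLO: [192.0.2.1] or [IPv6:2001:db8::1]
_LITERAL = re.compile(r"^\[(?:IPv6:)?([0-9A-Fa-f:.]+)\]$", re.IGNORECASE)

# Short bogon list (assumption of this example). Documentation ranges are left
# out on purpose so the constructed samples can stand in for public addresses.
_BOGONS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8",
    "169.254.0.0/16", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fc00::/7", "fe80::/10")]


def parse_helo(arg):
    """Classify a HELO argument as ('literal', ip), ('domain', name) or ('invalid', None)."""
    arg = arg.strip()
    m = _LITERAL.match(arg)
    if m:
        try:
            return "literal", ipaddress.ip_address(m.group(1))
        except ValueError:
            return "invalid", None      # e.g. [999.1.1.1]
    if arg.startswith("["):
        return "invalid", None          # bracketed, but not an address
    return "domain", arg.rstrip(".").lower()


def is_bogon(ip):
    """True if ip is in address space that cannot identify a public client."""
    return any(ip.version == n.version and ip in n for n in _BOGONS)


def csa_lookup_key(helo_arg, peer_ip):
    """Return (query name for the CSA SRV lookup, reason for choosing it)."""
    peer = ipaddress.ip_address(peer_ip)
    kind, value = parse_helo(helo_arg)
    if kind == "domain":
        return "_client._smtp." + value, "helo-domain"
    if kind == "literal" and not is_bogon(value):
        # Usable literal: look for the CSA record in the reverse DNS.
        return "_client._smtp." + value.reverse_pointer, "literal"
    # NATted or malformed literal: the only trustworthy identity left is the
    # address the connection actually came from.
    reason = "bogon-literal" if kind == "literal" else "malformed-literal"
    return "_client._smtp." + peer.reverse_pointer, reason
```
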