At 12:31 PM 6/26/2005 +0000, John Levine wrote:
This is the question:
If you are trying to address another issue with your CIDR suggestion, is
there any reason that a single host's HELO would need to be associated
with multiple A records other than (1) multi-homing or (2) using a domain
name rather than a host name for a HELO?
If a host name is multihomed, it should be obvious that the addresses
are in address ranges that are routed differently.
Good point. I was thinking more of the situation where you have 9 machines
in one rack. In that case, they could all be put in the same IP
block. Machines in another building should probably have a different name
anyway.
Think of some overworked guy who spends all day answering help desk calls
at a small ISP. One day he has to deal with a new problem - some
"authentication thingy" that is causing his outgoing mail to be rejected.
The small ISPs I know have maybe three mail hosts. After he spends 20
minutes researching what the heck CSV is, don't you think it would be
better for us to encourage him to to spend 3 minutes adding his three
correct CSV records rather than 2 minutes adding a bogus CSV record
with a bogus overbroad CIDR block that would doubtless include all of
the spam zombies in his DSL range?
I agree we shouldn't do anything bogus. The situation I'm thinking of is
an ISP with a big IP block, most of which is allocated to residential
customers. If that ISP can move his mailouts to one small range of that
block, he can protect his mailouts without limiting his customers.
By the way, 20 minutes is optimistic. Most senders won't spend 2 minutes
without more incentive than they have now. We need to think about giving
them a default record which includes their entire IP block. Then when they
scream and holler, no problem. Just go to this website, fill out a form,
and tell us where your mailouts really are.
One last comment on syntax and record complexity: Think what will happen
if we ever have a consolidated DNS record including domain ratings, data
from other authentication methods, etc. CSV could have a significant
advantage over other authentication methods.
One of the few good things that happened in MARID is that MS' proposal
for a bloated omnibus DNS record was thoroughly discredited.
Another useless pigeonhole. I would not let anything MS proposes influence
me, one way or the other. In this case, the consolidated record would be
limited to 512 bytes, thereby giving everyone an incentive not to bloat
their syntax.
--
Dave
************************************************************ *
* David MacQuigg, PhD email: david_macquigg at yahoo.com * *
* IC Design Engineer phone: USA 520-721-4583 * * *
* Analog Design Methodologies * * *
* 9320 East Mikelyn Lane * * *
* VRS Consulting, P.C. Tucson, Arizona 85710 *
************************************************************ *