On Saturday 09 December 2006 22:57, John Levine wrote:
So attacker now gets smarter and sends as
foo(_at_)a(_dot_)b(_dot_)c(_dot_)d(_dot_)example(_dot_)com(_dot_)
Is there a policy record there? No. Can I populate every possible
subdomain there? Not with DNS wildcards, therefore no. Uh-oh.
We ran into just this problem while defining CSV, the "like wildcards
except that we use prefixes" problem. Having gone around this a lot
of times, I think I can say with confidence that there are a lot of
hacks, some rather clever, but there is no good solution.
The suggestion that SSP would fail if a domain doesn't have at least
one of MX, A, or AAAA (perhaps with intervening CNAMEs) is intriguing,
but it would have the effect of adding the same condition to RFC 821
or 2821 since SSP users would thereby decree such mail to be
undeliverable.. I entirely agree that it is unlikely that one will
get legit mail from an address without enough DNS to write back, but
this is severe standards mission creep.
I'm not suggesting SSP fails, just that providing an SSP for non-existing
domains is not a requirement. If the domain doesn't exist, then SSP can say
nothing either way. It's outside the scope of this protocol.
One could regard this, potentially, as a gap in the protection (such as it is,
let's not argue that again) provided by SSP, but I think non-existence of a
domain is reason enough to be suspicious. That doesn't say one couldn't
accept such a message, if you do, you are welcome too, I just don't think we
should complicate SSP by attempting to require non-existent domains be
protected.
Scott K
_______________________________________________
NOTE WELL: This list operates according to
http://mipassoc.org/dkim/ietf-list-rules.html