ietf-dkim
[Top] [All Lists]

Re: [ietf-dkim] Domain Existence Check and Erroneous Abstract

2008-06-06 10:55:36

On Jun 6, 2008, at 2:44 AM, Charles Lindsey wrote:

On Thu, 05 Jun 2008 19:41:34 +0100, Douglas Otis <dotis(_at_)mail- 
abuse.org>
wrote:

On Jun 5, 2008, at 4:23 AM, Charles Lindsey wrote:

Many companies use MS Exchange rather than normal SMTP servers.  MS  
Exchange permits creation of mail addresses unreachable by SMTP,  
since these domains may only exist through an internal X.400  
assignment.  While some companies find this a desirable feature, it  
is often a PITA for users of this service.  While a parent domain  
may wish to assert ADSP practices, MS Exchange related email sub- 
domains can be created for various purposes without publishing  
_any_ record within DNS.  The MUA will therefore receive a mixture  
of SMTP and MS Exchange messages, but this would only create a  
problem with specific domains for users of the MS Exchange service.

Will you please answer the question I asked, which was for an  
example of an actual message and how it would appear at various  
stages as it passed through a mail system from the point where it  
was originated (and hopefully signed) to the point where it needed  
to be verified.

I have no idea what MS Exchange does, and after reading your  
gobbledegook I am still no wiser.


MS Exchange initially utilized X.400 name space.  As far as DKIM or  
SMTP is concerned, this name space is _not_ within DNS.  Company  
Example sets up internal forums using X.400 assignments to address  
them.  Some members of company Example prefer their messages forwarded  
to SMTP accounts.  The forwarding technique permits standardized  
access to mail.  Perhaps it would be better to say there are many  
reasons.  Once members of company Example forwards mail, then a  
message such as:

From: Conductor Bill <Team-Choo-Choo(_at_)Lionel(_dot_)Example(_dot_)com>
To: Staff <Employee(_at_)Example(_dot_)com>
Subject: We Think we can.

may be sent.

When receivers examine the From: email-address "Conductor Bill 
<Team-Choo-Choo(_at_)Lionel(_dot_)Example(_dot_)com 
", while Example.com might exist due to their employee email- 
addresses supporting SMTP being "Employee(_at_)Example(_dot_)com", they may  
discover "Lionel.Example.com" does not exist within DNS at all.   
"Lionel.Example.com" may only exist as an X.400 assignment within MS  
Exchange.  This should not be surprising, since Microsoft retrofitted  
both DNS and SMTP into their OS.  This means a check for any record  
might return NXDOMAIN, and there not be any A, AAAA, or MX records  
either.  In other words, in order for members of company Example to  
respond to Conductor Bill, they will need to VPN into their office  
network, use Outlook web access, or use some method that permits  
negotiation with Example's MS Exchange connector.

I hope the example helps.

-Doug
_______________________________________________
NOTE WELL: This list operates according to 
http://mipassoc.org/dkim/ietf-list-rules.html

<Prev in Thread] Current Thread [Next in Thread>