ietf-mxcomp

Re: Choice of SMTP headers

2004-03-25 08:48:11

In <20040324204537(_dot_)GP96036(_at_)bitshift(_dot_)org> "Mark C. Langston" 
<mark(_at_)bitshift(_dot_)org> writes:

On Wed, Mar 24, 2004 at 02:16:23PM -0600, wayne wrote:

It is also known that several large domain parking systems have
published SPF records for all of their parked domains.  

[long list of questions about the relationship between registrars
and their customers deleted]

In most cases, such questions can be answered by looking at the TOS
and other legal gobbledegook.   If you still have questions, I would
suggest emailing them.

If the end-user DOES have a legal right to use the domain name, and they
are prohibited from doing so thanks to SPF or similar proposals, what
then?

Then there are obvious, well-known and well-established methods of
seeking legal remedies. 

So, your solution is to sue providers who use, say, transparent proxies?

Transparent proxies only change the IP address that you need to
publish in your LMAP information.


If you, as a domain name owner, choose to make your life difficult for
yourself, then, well, I'm happy for you.  


You miss the point.  I'm trying to make my life easy and convenient.
It's the proposals that will eliminate this ease and convenience that
will make my life difficult.

Well, if you don't like what the LMAP proposals do, then don't publish
LMAP information for your domain.  All LMAP proposals default to
keeping the status quo if no information is published, and I'm pretty
sure that all LMAP proposals support publishing information that makes
this explicit.


A proof-of-concept rate-limiting DNS server for SPF was published several
months ago.  This would allow you, as a domain owner, to let a certain
number of emails from unexpected sources go through [...]

So, domain owners have to convince their nameservice providers to switch
to an entirely new DNS server?  I don't find that to be a reasonable
expectation.  It's fine if you provide your own nameservice, but of
those 250 million domain names, I'd wager the vast majority don't.

You would probably want to provide your own name server to do this
rate checking.  With SPF, it wouldn't have to be the same name server
as hosts your zone.


For example, with SPF you could have something like this:

        v=spf1 mx exists:%{l}.%{i}.special_ns.example.com -all

If the MX check didn't match, a lookup would be directed to the
subdomain of "special_ns.example.com" with the local part of the email
address (%{l}) and the IP address (%{i}) tacked on.  This subdomain
would have its own NS records and it would only know how to parse the
DNS requests in the correct format.  After analyzing the IP address of
the client MTA, the local part, and the IP address of the name server
making the request, it could decide whether to generate an A RR of
127.0.0.2 or to send an NXDOMAIN, and it could also decide the
appropriate TTL.


-wayne
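
The lookup flow described in the message above, as an added example that is not part of the original post and not the proof-of-concept server it mentions: the receiver expands the `exists:` macros into a query name, and the delegated name server parses that name and rate-limits per local part. IPv4 only; the limit, window, TTL values and all function and class names are assumptions, and the resolver's own IP address is not modelled.

```python
import ipaddress
import time
from collections import defaultdict

ZONE = "special_ns.example.com"   # delegated subdomain from the record in the message
LIMIT, WINDOW = 3, 3600           # assumed policy: 3 answered lookups per local part per hour

def expand_exists(sender, client_ip, zone=ZONE):
    """Receiver side: expand %{l}.%{i}.<zone> for an IPv4 client."""
    local = sender.rsplit("@", 1)[0]
    return f"{local}.{ipaddress.IPv4Address(client_ip)}.{zone}"

def parse_query(qname, zone=ZONE):
    """Name-server side: recover (local part, client IP), or None if malformed."""
    qname = qname.rstrip(".").lower()
    suffix = "." + zone
    if not qname.endswith(suffix):
        return None
    labels = qname[:-len(suffix)].split(".")
    if len(labels) < 5:           # at least one local-part label plus four octets
        return None
    try:                          # the last four labels are the IP; local parts may contain dots
        ip = ipaddress.IPv4Address(".".join(labels[-4:]))
    except ValueError:
        return None
    return ".".join(labels[:-4]), str(ip)

class RateLimitedResponder:
    def __init__(self, limit=LIMIT, window=WINDOW):
        self.limit, self.window = limit, window
        self.seen = defaultdict(list)   # local part -> times of answered lookups

    def answer(self, qname, now=None):
        """Return ("A", "127.0.0.2", ttl) to pass the check or ("NXDOMAIN", None, ttl)."""
        now = time.time() if now is None else now
        parsed = parse_query(qname)
        if parsed is None:
            return ("NXDOMAIN", None, self.window)
        local, _client_ip = parsed
        recent = [t for t in self.seen[local] if now - t < self.window]
        self.seen[local] = recent
        if len(recent) >= self.limit:
            return ("NXDOMAIN", None, 60)   # short TTL (assumed) so the block lifts soon
        recent.append(now)
        return ("A", "127.0.0.2", 0)        # TTL 0 (assumed) so caches do not hide later mail
```
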

