-----Original Message-----
From: Yakov Shafranovich [mailto:research(_at_)solidmatrix(_dot_)com]
Sent: Friday, April 23, 2004 6:09 PM
To: Ted Hardie
Cc: ietf-mxcomp(_at_)imc(_dot_)org
Subject: Re: Not just which dots, but how are they connected?
Ted Hardie wrote:
So my question one: is it valuable for a domain to be able to list the
set
of hosts it "employs" as outbound MTAs?
Yes, this protects the domain from certain types of forgeries (bounces
and phishing). HOWEVER, it does not protect against other types of spam
since spammers can set up their own domains. It does however allow for
an identity that can be used to build other reputation systems.
My question two: is it valuable for a domain to be able to list the set
of
hosts it is "responsible for" as outbound MTAs?
Yes and no. In theory this gives another hoop for spammers to jump
through and allows another vector of identity (WHOIS info) for the MTA.
In practice, without a reputation system it is useless.
In practice any identity without a reputation or accreditation system will
be useless in relatively short order, but identity gives you a place to
which to attach accreditation and reputation. You can hold the domain that
owns the mail server accountable, and you can hold the domain that the
author (sender) belongs to accountable. This will take care of the 2821
forgery problem. Solving the 2821 bounce storm problem does not provide a
particularly useful accreditation hook, and it doesn't solve any of the
other spamming problems.
Margaret.