ietf-mxcomp

Re: The roaming user problem is insoluble (paging Meng Wong)

2004-05-10 19:13:16

On 5/10/2004 9:45 AM, Douglas Otis sent forth electrons to convey:

On Mon, 2004-05-10 at 07:48, Tony Finch wrote:
On Sun, 9 May 2004, william(at)elan.net wrote:
<SMTP AUTH with SMTP fallback>

IME this case is a recipe for messages disappearing without a trace. For
example, Freeserve's transparent SMTP proxies are in the MAPS DUL so when
my users try to send email at home they often find that our servers reject
both the original message and the resulting bounce. Similar effects will
result from LMAP or SES rejections.

Umm, this makes no sense. http://mail-abuse.org/dul/enduser.htm says that such IPs should not be in the MAPS DUL ("...the DUL(SM) will not list your ISP's outgoing mail server..."). Someone made a mistake if they are. If the SMTP proxies are transparent, then it is the end user's IP that is in the DUL and being looked up as the connecting server. Is that what you meant to say? Then I see the problem. Their SMTP proxy should simply be made non-transparent. Mail from DUL listed IPs is nearly 100% spam.

Is there a major reason why SPF can not use the helo/ehlo domain as a
primary reference rather than as a fall-back?  The SPF proposal should
consider an immediate benefit of using DNS to authorize the MTA long
before repudiating mail 'from' becomes practical.  From my
understanding, the first task of this work group is to consider
authorizing the MTA and not repudiating mail 'from'.  A consistent
method of authorizing the MTA will provide significant relief and can
serve as a foundation for mail 'from' repudiation.  Consider MTA
authorization as a first step as indicated in the charter.

Hear, hear. I would say that "SPF with mandatory HELO checks, NBB, and no SRS requirement" is another way to describe what I've been suggesting (CSV+NBB and other tweaks).

Meng, may we develop an I-D based on the ideas in the CSV thread and on the SPF I-D? We need your or Mark's permission to create a derivative work, but you've indicated you don't like these ideas (I've expressed my counterarguments to your reasoning elsewhere).
I'd like to see if there isn't more ready adoption of this scheme.
BTW, I did respond to your post in that thread, as part of one long post responding to several other posts in the thread.
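
The HELO-first ordering discussed in this message, as an added example that is not part of the original post or of any SPF or CSV draft: it evaluates a subset of SPF record syntax (`ip4`, `ip6`, `all`) against the HELO name as the primary check and reports the MAIL FROM result separately, which is the roaming-user case where the relaying MTA is authorized but the sender's home domain does not list it. The `TXT` table, the function names `spf_eval` and `check_session`, and every domain and address are constructed assumptions standing in for real DNS.

```python
import ipaddress

# Constructed TXT data standing in for DNS; all names and addresses are placeholders.
TXT = {
    "mta.hotel.example": "v=spf1 ip4:192.0.2.25 -all",
    "home.example": "v=spf1 ip4:198.51.100.0/24 -all",
}
RESULTS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}

def spf_eval(domain, ip, txt=TXT):
    """Evaluate an SPF subset (ip4, ip6, all) for `domain` against `ip`."""
    terms = txt.get(domain.lower().rstrip("."), "").split()
    if not terms or terms[0] != "v=spf1":
        return "none"                      # domain publishes no policy
    addr = ipaddress.ip_address(ip)
    for term in terms[1:]:
        qualifier = "+"                    # default qualifier is pass
        if term[0] in RESULTS:
            qualifier, term = term[0], term[1:]
        name, _, arg = term.partition(":")
        if name == "all":
            matched = True
        elif name in ("ip4", "ip6"):
            try:
                net = ipaddress.ip_network(arg, strict=False)
            except ValueError:
                return "permerror"         # malformed network in the record
            matched = addr.version == net.version and addr in net
        else:
            return "permerror"             # anything outside this subset
        if matched:
            return RESULTS[qualifier]
    return "neutral"                       # no mechanism matched

def check_session(client_ip, helo, mail_from, txt=TXT):
    """Authorize the MTA by its HELO name first; report MAIL FROM separately."""
    helo_result = spf_eval(helo, client_ip, txt)
    sender_domain = mail_from.rpartition("@")[2]
    return {
        "helo": helo_result,
        "mail_from": spf_eval(sender_domain, client_ip, txt),
        "mta_authorized": helo_result == "pass",
    }

if __name__ == "__main__":
    # Roaming user: home.example sender relaying through the hotel's MTA.
    print(check_session("192.0.2.25", "mta.hotel.example", "alice@home.example"))
    # Unlisted host claiming the hotel MTA's HELO name.
    print(check_session("203.0.113.9", "mta.hotel.example", "alice@home.example"))
```

A receiver that rejected on the MAIL FROM result alone would drop the first session even though the connecting MTA is the one its HELO domain authorizes.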