Can a spammer set up a domain and rDNS with records under the spec and
spoof From: yes, for all the extant I-Ds, including this one, and C-ID,
BUT not for long - the domain will get blacklisted PDQ.
Is a spammer forced to use a domain set up with records that specify its
authorized MTAs: yeah.
If anyone would like to try out CSV, for your convenience I've set up
DNS that will let you use any host anywhere for 100% CSV compliant
mail. If your host is at IP address 11.22.33.44, merely have it HELO
or EHLO as 11-22-33-44.csv.services.net. Viz:
$ dig 11-22-33-44.csv.services.net any
; <<>> DiG 8.3 <<>> 11-22-33-44.csv.services.net any
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 46829
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; 11-22-33-44.csv.services.net, type = ANY, class = IN
;; ANSWER SECTION:
11-22-33-44.csv.services.net. 12H IN A 11.22.33.44
$ dig _client._smtp.11-22-33-44.csv.services.net srv
; <<>> DiG 8.3 <<>> _client._smtp.11-22-33-44.csv.services.net srv
;; res options: init recurs defnam dnsrch
;; got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 60262
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0
;; QUERY SECTION:
;; _client._smtp.11-22-33-44.csv.services.net, type = SRV, class = IN
;; ANSWER SECTION:
_client._smtp.11-22-33-44.csv.services.net. 11h58m52s IN SRV 1 0 25
11-22-33-44.csv.services.net.
Regards,
John Levine, johnl(_at_)taugh(_dot_)com, Taughannock Networks, Trumansburg NY
http://www.taugh.com
PS: If anyone is wondering how I got eight billion different DNS
records into the csv.services.net zone, I did it in perl.