On 6/23/04 12:18 PM, Douglas Otis sent forth electrons to convey:
On Wed, 2004-06-23 at 01:58, Matthew Elvey wrote:
On 6/22/04 8:37 PM, Douglas Otis sent forth electrons to convey:
...
Any mechanism introduced that stems the flow of UCE will be subjected to
intensive attack. ...
Unlike these queries in parallel to _known_ servers, the SPF/CID schemes
involve a series of queries to _unknown_ and possibly hostile name
servers.
I know that. I did read the first sentence above! I was CLEARLY
discussing best case. You just didn't notice.
Certainly, worst case is also important. More important, in fact. But
best case is important too.
This will be more realistic:
As an example, a mail server is receiving 50 messages per second that
average 4 K bytes in size. If using the SPF/CID mechanism, checking DNS
data is indeterminate as there is no limit for the number of sequential
queries required to converge upon an answer. RFC1035 indicates 5 to 10
seconds should be considered a worst case resolver interval.
-
If there becomes an average of 4 queries with an average of 1 second
a query, then this limits each process to about _ message about every
minute.
These are messages from hostile domains.
NO THEY ARE NOT. You didn't read my post, particularly what immediately
preceded the above quote/read it selectively.
Please do not quote me misleadingly again. Grr...
What kind of selective misquoting are you up to? You cut this:
"If MARID is effective enough for long enough that most spammers give
up, then .... " !!!
Sheesh!
In addition to this estimate ignoring the actual size of the query
response
No; see ?wayne's? data on typical SPF record sizes.