ietf-mxcomp
[Top] [All Lists]

Re: CVS Questions/Comments [was Re: Comparing apples to multiple, hypothetical oranges]

2004-07-01 16:44:34


----- Original Message ----- 
From: "Roy Badami" <roy(_at_)gnomon(_dot_)org(_dot_)uk>
To: "Hector Santos" <hsantos(_at_)santronics(_dot_)com>
Cc: "Dave Crocker" <dcrocker(_at_)brandenburg(_dot_)com>; 
<ietf-mxcomp(_at_)imc(_dot_)org>
Sent: Thursday, July 01, 2004 3:25 PM
Subject: CVS Questions/Comments [was Re: Comparing apples to multiple,
hypothetical oranges]



"Hector" == Hector Santos <hsantos(_at_)santronics(_dot_)com> writes:

    Hector> - if the client domain is a bracketed IP liternal, it must
    Hector> match the sender IP.  Its an obvious spoof.

Stricly, that's not true, because the sender might be multi-homed.

Incidentally, AIUI, multihomed hosts are the main rationale behind the
prohibition in RFC1123 (carried forwards to RFC2821) against rejecting
mail because the source IP address doesn't match the HELO.


Good point.  Its an option. Doing a quick grep in the logs, I have not come
across one yet that is a False Positive.  All of them were based on spoofing
our IP literal hence no explaining why spammers are not complaining.

What do you think about the following?

SASL should trump CVS.  For maximum capability without lost of
functionality, CVS should wait until SASL is established or not, thus
implying the CVS logic is initiated before or after the next command.   It
is the only way I can see implemented it.   Users using SMTP AUTH are not
expected to be CVS ready.

Thanks

-- 
Hector Santos, Santronics Software, Inc.
http://www.santronics.com