
Re: Forging (was Re: Differences between CSV and Sender-ID )

2004-07-08 11:51:37

--Douglas Otis <dotis(_at_)mail-abuse(_dot_)org> wrote:

From this definition of forgery, it would appear you are not referring
to Sender-ID.  This is important as Sender-ID is changing the scope of
this protection.  The ASRG definition was based on an effort to reduce
mail traffic by examining RFC 2821 information. Sender-ID uses RFC 2822
information and, as such, will not impact mail traffic.


This point assumes that mail traffic will continue at the same level, even when messages are being rejected post-data. Spammers don't want to spend time and bandwidth on a losing transaction any more than receivers do. I assume the opposite: that when forgeries are being detected (even after DATA), the traffic causing the failed messages WILL go down. This is based on the idea that spammers will adapt in order to get their messages through.



  If a DNS server holding MARID information isn't robust, then it will
most likely also fail for MX records, in addition to MARID records.

The rate that a Sender-ID SMTP receiver queries DNS versus that needed
to find an MX server by the SMTP sender are significantly different in
terms of both the number of queries and the serial sequence required.
The loads and delays are not comparable to allow such an analogy to
dismiss these concerns.


I think the previous message was referring to MX records being looked up by the receiver (to see if the sender's MX is 127.0.0.1 for example).

I believe most MARID DNS queries will be 1 or 2 per transaction and can be cached easily. I have seen nothing to suggest that the relationship is other than linear. Therefore I dismiss "these concerns" which seem to suggest that the relationship is geometric or exponential or whatever. It doesn't make sense, and is not borne out by the early adopters of SPF.



  I don't see how "robustness" matters more for DNS when it contains
MARID records than when it doesn't.  Sure, more records are being
looked up in DNS, but many MTAs already do MX lookups when receiving
mail "from" a domain, in an attempt to implicitly discover the domain
owner's intent, even when there's no standard saying that they should
do this.

Scale and Scope

The complex linked nature of these records becomes important as this is
indicative of limitations Sender-ID has with respect to scale.  An MX
record only refers to a set of hosts that "receive" mail for a domain.
As SMTP allows this mail to be relayed, there may be many times this
number of hosts that "send" mail for the same domain.  In addition, all
other domains that may originate mail on behalf of this domain are to be
expressed by this Sender-ID record set.  In addition, these records also
reflect other domains that may also share these hosts.  An MX record is
never expected to be so expansive in scope, nor is it comparable to the
potential size of such a response.  This still excludes the "added"
features.


Hmm, this paragraph also seems to contain high FUD-to-fact ratio.


  Or, do you see Sender-ID as having an amplification problem?  e.g.,
if MARID queries increased super-linearly with the number of
connections. If so, it would be a serious flaw in the proposal.

Serious indeed.


Hmm, in that case I would be interested to see any information that leads a reasonable person to believe that the relationship is not linear. (hint: y=20x is a linear relationship)



--
Greg Connor <gconnor(_at_)nekodojo(_dot_)org>
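The disagreement above is about how many DNS lookups a receiver spends per SMTP transaction when MARID/SPF-style records link to one another, and whether that grows with connection count. Below is an added example, not code from anyone in this thread, that models it offline: a constructed zone of SPF v1-syntax records (the domain names and record contents are made up), a resolver with a cache that counts queries actually sent, and an evaluator that walks include: and redirect= chains while charging one lookup per lookup-costing mechanism. The lookup cap of 10 is an assumption taken from the later SPF specifications (RFC 4408/7208), not from the Sender-ID draft discussed here.

```python
"""Model of per-transaction DNS lookups for SPF/MARID-style linked records.

Constructed example: the zone data is made up and no real DNS is queried.
"""

# Constructed zone: domain -> TXT record in SPF v1 syntax (assumption).
ZONE = {
    "example.com": "v=spf1 mx include:_spf.mailhost.example -all",
    "_spf.mailhost.example": "v=spf1 ip4:192.0.2.0/24 include:relay.example -all",
    "relay.example": "v=spf1 a:outbound.relay.example -all",
}

# Per-evaluation DNS-lookup cap, as later SPF specs require (assumed here).
MAX_LOOKUPS = 10

# Mechanisms that cost a DNS lookup; ip4/ip6/all are evaluated locally.
LOOKUP_MECHS = ("a", "mx", "ptr", "exists", "include")


class Resolver:
    """Looks up TXT records in a constructed zone through a simple cache."""

    def __init__(self, zone, cache=None):
        self.zone = zone
        self.cache = cache if cache is not None else {}
        self.queries = 0  # queries that actually left the cache (misses)

    def txt(self, name):
        if name in self.cache:
            return self.cache[name]
        self.queries += 1
        rec = self.zone.get(name)  # None models NXDOMAIN / no record
        self.cache[name] = rec
        return rec


def evaluate(resolver, domain, budget=MAX_LOOKUPS):
    """Follow include:/redirect= links from `domain`, counting lookup-costing
    terms. Returns (lookups, status); status is "permerror" once the cap
    is exceeded, mirroring how SPF treats over-budget records."""
    lookups = 0
    stack = [domain]
    seen = set()
    while stack:
        name = stack.pop()
        if name in seen:
            continue  # a loop in the include chain is not walked twice
        seen.add(name)
        rec = resolver.txt(name)
        if rec is None:
            continue
        for term in rec.split()[1:]:  # skip the "v=spf1" version tag
            mech = term.lstrip("+-~?").split(":", 1)[0].split("/", 1)[0]
            is_redirect = term.startswith("redirect=")
            if mech in LOOKUP_MECHS or is_redirect:
                lookups += 1
                if lookups > budget:
                    return lookups, "permerror"
            if mech == "include":
                stack.append(term.split(":", 1)[1])
            elif is_redirect:
                stack.append(term.split("=", 1)[1])
    return lookups, "ok"


def simulate(zone, domains):
    """Evaluate a stream of MAIL FROM domains against one shared cache.
    Returns (total_lookups_charged, queries_actually_sent)."""
    resolver = Resolver(zone)
    total = 0
    for d in domains:
        n, _ = evaluate(resolver, d)
        total += n
    return total, resolver.queries


def deep_chain(n):
    """Constructed zone of n records, each including the next: a pathological
    'linked' record set used to show where the cap bites."""
    zone = {}
    for i in range(n):
        nxt = f"hop{i + 1}.example" if i + 1 < n else None
        body = f"include:{nxt} " if nxt else ""
        zone[f"hop{i}.example"] = "v=spf1 " + body + "-all"
    return zone


if __name__ == "__main__":
    # 1000 transactions from one sender domain: lookups charged grow linearly
    # (4 per transaction), while queries sent stay at the 3 cached records.
    print(simulate(ZONE, ["example.com"] * 1000))
    print(evaluate(Resolver(deep_chain(12)), "hop0.example"))
```

Running it shows the per-transaction cost is a constant set by the record graph (4 here), so the total is y = 4x in the sense used above, and with caching the queries that actually reach the authoritative server stay flat. The deep_chain case shows the other side of the argument: a record set linked 12 deep exceeds the cap and fails closed with a permerror rather than issuing unbounded lookups.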

