ietf-mxcomp

Re: Source routing -- why not?

2004-11-30 05:38:02

On Tue, Nov 30, 2004 at 12:16:42PM +0000, Tony Finch wrote:

Source routes require all mail servers to be open relays.

Why?

Source routes don't record the relationship between a@a, b@b, and c@c. In
your scenario the message to c@c would start MAIL FROM:<@b:a@a>. A spammer
who knows that b is a forwarding host can then spam anyone by sending MAIL
FROM:<> RCPT TO:<@b:victim@target>.

I disagree.

Source routes by themselves are not the problem.

Indeed, lack of security would be a problem.

There's no reason why MTA b would not be able to keep state somewhere
else than in the envelope.

There's no reason why MTA b would have to relay a message to @b:victim@target

There's no reason at all why MTA b would relay messages at all.  The only
"relay" functionality would be a 'reverse forward' so that bounces going
to b@b will be forwarded to a@a, not to c@c.

I don't even see any reason why the classic form of source routing needs
to be used.  When 'b' forwards the message to 'c', and when it uses its
own name, bounces will go to 'b' and can be 'reverse-forward' to the true
originator.


This is why SRS has all the cryptography, in order to provide a secure
replacement for the obsolete and unimplemented RFC821 forward and reverse
paths.

Without saying if it's good or bad:
That is _a_ solution, not _the_ solution.

cheers,
Alex
-- 
I ask you to respect any "Reply-To" and "Mail-Follow-Up" headers.  If
you reply to me off-list, you'd better tell me you're doing so.  If
you don't, and if I reply to the list, that's your problem, not mine.
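
The two approaches contrasted in this message, as an added example that is not part of the original post or of any SRS implementation: a forwarder b that only reverse-forwards bounces it can tie to a message it forwarded, either through a MAC carried in its own return address or through state kept outside the envelope. The address layouts (`fwd=...`, `bounce-...`), the key and all function names are assumptions made for illustration; this is not the real SRS address format.

```python
import hashlib
import hmac
import secrets

FORWARDER = "b"                    # forwarding host from the thread's scenario
SECRET = b"constructed-demo-key"   # constructed; a real host would use a private random key

def _mac(address: str) -> str:
    return hmac.new(SECRET, address.lower().encode(), hashlib.sha256).hexdigest()[:16]

def sign_return_path(original_sender: str) -> str:
    """Stateless: carry the original sender and a MAC inside b's own address."""
    user, domain = original_sender.rsplit("@", 1)
    return f"fwd={_mac(original_sender)}={domain}={user}@{FORWARDER}"

def reverse_forward_signed(bounce_rcpt: str):
    """Return the original sender if the MAC verifies, else None (refuse to relay)."""
    local, _, host = bounce_rcpt.rpartition("@")
    parts = local.split("=", 3)
    if host != FORWARDER or len(parts) != 4 or parts[0] != "fwd":
        return None
    _, tag, domain, user = parts
    candidate = f"{user}@{domain}"
    ok = hmac.compare_digest(tag.encode(), _mac(candidate).encode())
    return candidate if ok else None

class ReturnPathTable:
    """Stateful: b keeps the mapping itself, nothing about a@a is in the envelope."""
    def __init__(self):
        self._senders = {}

    def register(self, original_sender: str) -> str:
        token = secrets.token_hex(8)          # unguessable handle for this forward
        self._senders[token] = original_sender
        return f"bounce-{token}@{FORWARDER}"

    def reverse_forward(self, bounce_rcpt: str):
        local, _, host = bounce_rcpt.rpartition("@")
        if host != FORWARDER or not local.startswith("bounce-"):
            return None
        return self._senders.get(local[len("bounce-"):])

if __name__ == "__main__":
    signed = sign_return_path("a@a")
    print(signed, "->", reverse_forward_signed(signed))
    print("unsigned source route ->", reverse_forward_signed("@b:victim@target"))
```

In both variants a recipient that b did not issue itself resolves to nothing, so b never acts as a relay for arbitrary targets.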

