ietf-mxcomp
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Trouble with Sender Authentication

2006-11-09 18:39:02
from [william(at)elan.net] [Permanent Link]
CSV specified that a single target be used. When associated with DKIM per DOSP, an address literal or a single A record offers sufficient validation. Validating the EHLO simply does not offer any gain; nor is this gain is not multiplied by subsequent stages or multiple recipients. 

I'll post tomorrow example of how to do exactly the same attack as Doug
discribed using different record type (and it would also bypass DNS ACLs
& BCP38), specially for Doug I'll use EHLO in that example although in
practice it does not matter (it does not even need to be email).

---
William Leibzon
Elan Networks
william(_at_)elan(_dot_)net
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Trouble with Sender Authentication, Julian Mehnle
Next by Date:  Re: Trouble with Sender Authentication, John Leslie
Previous by Thread:  Re: Trouble with Sender Authentication, william(at)elan.net
Next by Thread:  Interesting (ab)uses of DNS (was: Trouble with Sender Authentication), Frank Ellermann
Indexes:  [Date] [Thread] [Top] [All Lists]