ietf-smtp

Re: MTAMARK (was: SPF I-D for review: draft-schlitt-spf-classic-01.txt)

2005-05-24 13:43:46

On Tue, May 24, 2005 at 10:09:12AM -0400, Bruce Lilly wrote:
> On Mon May 23 2005 14:39, Frank Ellermann wrote:
> > The "surviving" LMAP proposals (CSV, MTAMARK, SPF)
> > do very different things, SPF covers some older ideas.
>
> They all suffer from similar problems involving the issues
       ***

*ALL* is wrong as MTAMARK does neither of the 3 points you have
outlined. It doesn't fiddle with domains or senders ... it is a simple
way for the admin of IP space to tell others whether s/he thinks that
a certain IP is associated with a mailserver that should send mail
across the public Internet. Not more, not less. Unless port 25 blocking
it leaves the decision up to the receiver.
As spammers hardly have access to the reverse DNS tree they can't add
marks for their zombie armies (usually) and as it is a distributed
scheme it is hard to attack (unlike DNSBLs).

In the .DE zone there are about 140000 unique IP addresses handling (MX)
all mail for all 7.9 million domains. Assuming the same magnitude of
sending MTAs deployment is easy and fast (compared to >> 7.9 millions
of e.g. SPF records needed) and the more TLDs you add to the picture
the better the relation MTA <> #domains will get.

Some ISPs and Mail Service Providers mostly in Germany/Austria/Switzerland
already have added MTAMARK records for their mailservers and we use it
on the receiving side e.g. for anti-greylisting with big success.

        \Maex

-- 
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"
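
The receiver-side use described in the message above (reading the mark an IP owner publishes in the reverse DNS tree and using it to bypass greylisting), as an added example that is not part of the original message or of any MTAMARK implementation. It assumes the `_perm._smtp._srv` label and the `"1"`/`"0"` TXT values from the MTAMARK Internet-Draft, which the message does not spell out; the policy names, `sample_lookup` and the zone data are constructed for illustration.

```python
import ipaddress

# Assumption: label and TXT values ("1" = may send mail, "0" = must not)
# follow the MTAMARK Internet-Draft; neither is given in the message above.
MARK_PREFIX = "_perm._smtp._srv"

# Constructed sample of reverse-zone TXT data (documentation address ranges).
SAMPLE_TXT = {
    "_perm._smtp._srv.25.2.0.192.in-addr.arpa": ["1"],
    "_perm._smtp._srv.77.100.51.198.in-addr.arpa": ["0"],
    "_perm._smtp._srv.9.113.0.203.in-addr.arpa": ["v=unknown"],  # malformed
}

def mark_name(ip):
    """Owner name of the mark in the reverse tree (works for IPv4 and IPv6)."""
    return f"{MARK_PREFIX}.{ipaddress.ip_address(ip).reverse_pointer}"

def lookup_mark(ip, txt_lookup):
    """Return 'mta', 'not-mta' or 'unmarked' for a connecting client IP.

    txt_lookup(name) returns the TXT strings at name; in production it would
    wrap a DNS resolver query, here it reads the constructed sample data.
    """
    values = {v.strip() for v in txt_lookup(mark_name(ip))}
    if values == {"1"}:
        return "mta"
    if values == {"0"}:
        return "not-mta"
    return "unmarked"  # no record, malformed value or contradictory records

def greylist_decision(ip, txt_lookup):
    """Hypothetical receiver policy: the mark is advice, the receiver decides."""
    mark = lookup_mark(ip, txt_lookup)
    if mark == "mta":
        return "skip-greylisting"   # owner vouches that this IP is a mail server
    if mark == "not-mta":
        return "reject-or-score"    # owner says this IP should not send mail
    return "greylist"               # unmarked space gets the default treatment

def sample_lookup(name):
    """Stand-in resolver over the constructed zone data above."""
    return SAMPLE_TXT.get(name.rstrip(".").lower(), [])
```

Only whoever controls the reverse zone for an address can publish its mark, so the lookup key is derived from the connecting IP alone and never from anything the client says in the SMTP dialogue.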

