On 12/23/10 9:39 PM, Hector Santos wrote:
John R Levine wrote:
>
> Not really. I want to give advice to people who are writing MTAs.
> They need to deal with whatever they find when they're trying to
> deliver mail.
>
> As I hardly need to tell anyone here, we need to deliver mail on
> the Internet we have, not the Internet we might want or wish to
> have at a later time.
Which *should* means if you offer a public smtp service port, you
have to support a IPv4 and MX service connection regardless.
Hector,
Perhaps, but when entities having mixed reputations end up behind common
addresses, this will necessitate domain authentication techniques to
unravel shared resources. Malefactors will seek out situations where
blocking by address is likely untenable. Identity by address will not
represent either a limited nor unique resource that offers reputations
an effective mitigation strategy. IMHO, this means sources will need to
establish authentication techniques independent of the IP address used,
since even white-listing an IP address is likely to become problematic.
A low cost and readily available solution may not be far off. See-
https://datatracker.ietf.org/doc/draft-ietf-dane-protocol/
-Doug