ietf

Re: DNS Rule Transmission is a new tool in anti-spam controls

2012-02-27 12:02:53
Todd Glassey wrote:
I want to point out that the ability and use of DNS to transmit policy statements is a valuable tool in dealing with certain types of DMA sponsored emails which many of us wish would go away.

But we are also encouraging them to do so. It is now BCP by the DMA community to support these new Email "Mouse Trap" policy based mechanisms.

My view is that the *power* is in the domain policy fault detection for compliancy. So at the top level, as long as they are domain compliant as expected for all, they should be treated equally as just another anonymous domain transaction exposing their policies.

The idea of being able to send a statement of the use rules for an MX record for instance is a very powerful process in new networking models which are more policy driven in form.

+1, again, in my view, when enforced from a fault detection standpoint the higher payoff is more realized.

Clearly the TXT records can carry these types of statements but it would seem to make sense to allow some pre-approved tags and response mandates to be used as well.

+1.  I see the "issue" as follows:

1) Using the same name space where there is no standard for the separation of "TXT" strings, requiring the individual protocols to have their own string detection mechanism.

2) Due to #1 and the lower feasibility of using RR types, use a special namespace (subdomain).

Some existing protocols such as AD and XMPP would not get wide support until RR types such as SRV were widely supported. And even then, for backward compatibility, had to include fall back for widest support discovery.

A major part of the dilemma is the overhead with the migration path with the hope it's only an initial short term impact, but an eventual long term benefit in lowering the impact on DNS.

I believe what is required is a Batch call of Multiple Query Packets under a single call feature to be proposed for DNS servers to support because currently the recommendation is to use an async emulation of two independent by managed DNS calls.

I see this helping with the usage and consideration of new protocols considering new RR types but may have to first use a fast entry, widest support TXT record mechanism just to get started. This will automatically cause a migration requirement.

Thanks

Hector Santos/CTO
Santronics Software, Inc.
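
The discovery order discussed in the message above (dedicated RR type, then a special subdomain, then shared apex TXT strings with per-protocol string detection), as an added example that is not part of the original message. The `POLICY` RR type, the `_policy` label, the `v=POLICY1` tag and the zone data are all hypothetical and constructed for illustration; more than one matching record is treated as a fault.

```python
# Constructed zone data (not real DNS): (owner name, RR type) -> list of strings.
ZONE = {
    ("example.test", "TXT"): [
        "v=spf1 mx -all",               # another protocol sharing the apex TXT set
        "site-verification=abc123",     # unrelated token in the same name space
        "v=POLICY1; mx=strict",
    ],
    ("_policy.example.test", "TXT"): ["v=POLICY1; mx=strict"],
    ("legacy.test", "TXT"): ["v=POLICY1; mx=relaxed", "v=POLICY1; mx=strict"],
    ("typed.test", "POLICY"): ["mx=strict"],
}

TAG = "v=POLICY1"  # hypothetical protocol tag (assumption, not a real standard)


def query(name, rrtype, zone=ZONE):
    """Stand-in for a resolver call; returns [] for NODATA/NXDOMAIN."""
    return zone.get((name.lower().rstrip("."), rrtype), [])


def tagged(strings):
    """Per-protocol string detection: keep only records carrying our tag."""
    out = []
    for s in strings:
        head, _, rest = s.partition(";")
        if head.strip().lower() == TAG.lower():
            out.append(rest.strip())
    return out


def discover(domain, zone=ZONE):
    """Return (source, policy); raise ValueError if a step yields several records."""
    steps = [
        ("rrtype", lambda: query(domain, "POLICY", zone)),
        ("subdomain-txt", lambda: tagged(query("_policy." + domain, "TXT", zone))),
        ("apex-txt", lambda: tagged(query(domain, "TXT", zone))),
    ]
    for source, lookup in steps:
        found = lookup()
        if len(found) > 1:
            # Ambiguous policy is a publishing fault; do not guess which one applies.
            raise ValueError(f"{domain}: {len(found)} policy records via {source}")
        if found:
            return source, found[0]
    return "none", None
```
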