spf-discuss
[Top] [All Lists]

Re: DDoS attacks via SPF

2003-12-18 13:41:27
In <20031218194704(_dot_)GK31242(_at_)dumbo(_dot_)pobox(_dot_)com> Meng Weng 
Wong <mengwong(_at_)dumbo(_dot_)pobox(_dot_)com> writes:

| >> In <3FE1C7BD(_dot_)9040204(_at_)foster(_dot_)cc> Mark Foster 
<mark(_at_)foster(_dot_)cc> writes:
| >>
| >>> Wouldn't doing away with the macro-char t (also) greatly reduce the
| >>> ddos risk?
| >>> What is t needed for, anyway?

it's more for the exp url.

I guess if the %t macro was restricted to the exp message, I wouldn't
have a problem.  Even then, other timestamps are likely to be more
appropriate.

The %t macro is just far more expensive than people might realize,
with a lot of the expense coming in the form of bloated DNS caches on
machines third party machines.  If the expense only was felt by the
domain name owner who used the %t macro, that would be one thing, but
it isn't.


-wayne

-------
Sender Permitted From: http://spf.pobox.com/
Archives at http://archives.listbox.com/spf-discuss/current/
Latest draft at http://spf.pobox.com/draft-mengwong-spf-02.9.4.txt
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname(_at_)©#«Mo\¯HÝÜîU;±¤Ö¤Íµø?¡


<Prev in Thread] Current Thread [Next in Thread>