spf-discuss

Re: X-trust-previous-hop:

2005-05-10 10:04:55

Mark Shewmaker wrote:
On Tue, May 10, 2005 at 02:54:33PM +0200, Julian Mehnle wrote:
Generally internal MTA's fully trust their border MTAs not to lie,
(and they know who these trusted MTA's are), but there's no way for
an MUA reading the mail that passed through the internal MTA where
the internal trust border ended.

Yes, there is.  Do an MX lookup on the receiver domain.

Problems:

1.  I don't fully understand how that's supposed to work.

    How do MX lookups within an example.com domain let you
    define a trust map within example.com of which machines
    fully and completely trust which other machines as far
    as email is concerned?

That's not what you asked.

This is my idea:  You can do an MX lookup and thereby find the edge MTAs.  
Then you can find the topmost sequence (to account for internal hand-offs) 
of "Received:" headers in a message that includes only edge MTAs.  The 
lowermost "Received:" header should be where the message entered the 
receiver's trusted network, and all headers above that should be 
trustworthy.

I admit I'm not entirely sure it would work reliably.  Some empirical 
research would be necessary.

2.  It requires "internal" mx lookups to be externally accessible,
    and match the external answers.

True.

3.  It requires the MUA to have an internet connection to simply
    interpret and display authentication results.

True.

Looking at this set of abbreviated email headers:
[...]
machine3.example.com is the border mta, which accepted an email whose
first Received: line falsely claimed to be within the example.com
domain.

Unfortunately, you omitted critical information from the "Received:" 
headers.  But after I have looked at a message received at my mailbox at 
my employer's network, I see that "Received:" lines are often incomplete, 
so without additional information my approach is probably bound to fail in 
most cases.  (Note to self: get my employer to fix his "Received:" lines.)

I do recognize the advantage of your trust trace header, I just think there 
might be a simpler alternative.  I need to think more about it.

An important question remains: what abstract problem is being solved by 
knowing the border MTAs of one's mail provider?
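
One possible reading of the MX-based idea in the message above, as an added example that is not code from the original post or from either participant: walk the "Received:" headers from the top and stop at the first one written by an edge MTA. The function names, hostnames and sample message are constructed, and the MX lookup result is passed in as a list so the code runs offline; it assumes internal hosts accept mail only from the edge MTAs, and it returns no verdict on the incomplete "Received:" lines the message mentions.

```python
import re
from email import message_from_string

FROM_RE = re.compile(r"^from\s+([\w.-]+)", re.I)
BY_RE = re.compile(r"\bby\s+([\w.-]+)", re.I)

def hops(msg):
    """(from_host, by_host) for each Received: header, topmost (newest) first."""
    result = []
    for raw in msg.get_all("Received", []):
        flat = " ".join(raw.split())          # unfold continuation lines
        frm, by = FROM_RE.search(flat), BY_RE.search(flat)
        result.append((frm.group(1).lower() if frm else None,
                       by.group(1).lower() if by else None))
    return result

def entry_hop(msg, edge_mtas):
    """Index of the topmost Received: header written by an edge MTA, else None.

    Headers above it must be internal hand-offs that name an edge MTA as the
    sender; anything else (including a missing "by" clause) fails closed.
    """
    edge = {h.lower().rstrip(".") for h in edge_mtas}
    for i, (frm, by) in enumerate(hops(msg)):
        if by in edge:
            return i        # border crossing; headers below it are unverified
        if frm not in edge:
            return None     # incomplete or unexpected header: no verdict
    return None

# Constructed sample. EDGE stands in for the result of an MX lookup on example.com.
EDGE = ["mx1.example.com."]
SAMPLE = """\
Received: from mx1.example.com by store.example.com; Tue, 10 May 2005 10:05:02 +0200
Received: from sender.example.net by mx1.example.com;
 Tue, 10 May 2005 10:05:01 +0200
Received: from pc7.example.com by mail.example.com; Tue, 10 May 2005 10:04:59 +0200
From: someone@example.net
Subject: constructed test message

body
"""

if __name__ == "__main__":
    msg = message_from_string(SAMPLE)
    i = entry_hop(msg, EDGE)
    print("entry hop:", i, hops(msg)[i] if i is not None else "undetermined")
```
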

