spf-discuss
[Top] [All Lists]

Re: [spf-discuss] Re: [Fwd: Re: DNSOP Agenda for San Diego (IETF 67)]

2006-10-31 14:12:38
OK, power's back on here.

I read Doug's draft again.

http://www.ietf.org/internet-drafts/draft-otis-spf-dos-exploit-01.txt

I agree.  I still don't get it.

Some of what he said is right.  Some of what he said is stuff you could do, 
but is nonsense.  Part of what he said is specifically contrary to 4408 (he 
talks about implementations that do not have processing limits).

Is the idea that some bad actor can cause a third party to have their DNS 
DOSed by sending mail to receivers that check SPF and have them do a bunch of 
lookups against the 3rd party?

Scott K

-------
Sender Policy Framework: http://www.openspf.org/
Archives at http://archives.listbox.com/spf-discuss/current/
To unsubscribe, change your address, or temporarily deactivate your 
subscription, 
please go to 
http://v2.listbox.com/member/?listname=spf-discuss(_at_)v2(_dot_)listbox(_dot_)com