
[spf-discuss] Re: implicit MX rule FAQ

2007-05-14 15:20:44

(Please follow up to spf-discuss.)

Frank Ellermann wrote on spf-webmasters:
> Julian Mehnle wrote:
> > I also added a brief explanation of why the "implicit MX" rule
> > is problematic.
>
> No problem with that brief explanation, but it doesn't convince
> me that there is a problem.  You argue that most domains have an
> IP and therefore fall under the "implicit MX" rule.  I'd argue
> that most domains have an explicit MX, and therefore can't muddy
> the waters.

So which of the following valid host names (off the top of my head) has an
explicit MX record?

  chiclet.listbox.com
  portent.listbox.com
  1cust176.tnt9.hbg2.deu.da.uu.net
  earbone.schlitt.net
  earbone.openspf.org
  www.google.com
  www.microsoft.com
  direkt.postbank.de
  en.wikipedia.org

> Validating the "existence" of a domain by merely looking if it
> has an MX (or lacking that an IP) won't help you long wrt spam,

No, but it is a basic sanity checking technique in any e-mail setup.

> professional spammers can arrange to survive this validation.

That's completely beside the point.

[...]
> Changing that rule would be also tricky wrt EHLO, at the moment
> an MTA claiming to be smtp.example.com in its HELO might not
> have an MX, but still accept mail to postmaster@smtp.example.com
> at its IP.  Without the "implicit MX" rule the assumption could
> be that any MTA without an MX for its HELO is what, suspicious ?

Said sanity check enforces the basic assumption
valid_for_mail_from($domain) = valid_for_rcpt_to($domain) without implicit MX.
The HELO identity is separate from both MAIL FROM and RCPT TO.

In any case, killing the "implicit MX" rule would be a good idea.  Note
that I'm not saying that it would be _easy_.

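The sanity check discussed in the message above, sketched as an added example that is not part of the original post or of any SPF implementation. The names `valid_for_mail_from` and `valid_for_rcpt_to` come from the message; the zone table, the `Verdict` values, the temp-fail handling and the helper names are assumptions made for illustration.

```python
from enum import Enum

class Verdict(Enum):
    ACCEPT = "accept"
    REJECT = "reject"      # domain cannot receive mail
    TEMPFAIL = "tempfail"  # DNS error: defer, do not reject

class DNSTempError(Exception):
    """Constructed stand-in for SERVFAIL or a resolver timeout."""

# Constructed zone data (not real DNS answers): name -> {rrtype: [rdata]}
ZONE = {
    "example.com":          {"MX": ["10 mx.example.com"], "A": ["192.0.2.10"]},
    "mx.example.com":       {"A": ["192.0.2.25"]},
    "smtp.example.com":     {"A": ["192.0.2.26"]},          # address, no MX
    "www.example.net":      {"A": ["198.51.100.80"]},       # address, no MX
    "dangling.example.org": {"MX": ["10 gone.example.org"]},
    "broken.example.org":   DNSTempError,
}

def lookup(name, rrtype):
    entry = ZONE.get(name.lower().rstrip("."))
    if entry is DNSTempError:
        raise DNSTempError(name)
    return [] if entry is None else entry.get(rrtype, [])

def has_address(name):
    return bool(lookup(name, "A") or lookup(name, "AAAA"))

def valid_for_rcpt_to(domain, implicit_mx=True):
    try:
        mx = lookup(domain, "MX")
        if mx:  # explicit MX present: the implicit rule never applies
            ok = any(has_address(rr.split()[1]) for rr in mx)
        else:   # no MX: only the "implicit MX" rule can make it valid
            ok = implicit_mx and has_address(domain)
    except DNSTempError:
        return Verdict.TEMPFAIL
    return Verdict.ACCEPT if ok else Verdict.REJECT

def valid_for_mail_from(domain, implicit_mx=True):
    # A sender domain is acceptable exactly when mail could go back to it.
    return valid_for_rcpt_to(domain, implicit_mx)

def depends_on_implicit_mx(domains):
    """Domains that pass today but would fail if the rule were dropped."""
    return [d for d in domains
            if valid_for_mail_from(d, True) is Verdict.ACCEPT
            and valid_for_mail_from(d, False) is Verdict.REJECT]
```

Run over a real resolver, `depends_on_implicit_mx` is the list an operator would want to review before enforcing the stricter check.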
