<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: [anti-spam-wg@localhost] Re: Domain spoofing


On Fri, Oct 10, 2003 at 07:01:29PM +0200, Martin Neitzel wrote:
> I'm pretty sure you refer to der Mouse himself on this very mailing
> list in
> http://www.ripe.net/ripe/mail-archives/anti-spam-wg/2003/msg00199.html

Yakov Shafranovich posted a list of RMX proposal on ASRG:

http://www.ietf.org/internet-drafts/draft-danisch-dns-rr-smtp-02.txt
http://www.ietf.org/internet-drafts/draft-fecyk-dsprotocol-04.txt
http://www.ietf.org/internet-drafts/draft-brand-drip-01.txt
http://www.irtf.org/asrg/draft-vixie-repudiating-mail-from.txt
http://spf.pobox.com/draft-mengwong-spf-01.txt 
http://nospam.couchpotato.net/

ASRG has contacted the authors of all that documents and they try to
reconciliate right now and hope to have a draft ready for submission
before Oct. 20, which is the deadline for first drafts for Minneapolis.

In addition to what der Mouse wrote IMHO a big problem with the
current RMX proposal will become IPv6. I don't think it will be fun
to add records like described on
   http://spf.pobox.com/dns.html
for IPv6 hosts.

With a colleague I am currently writing a draft with a slightly
different approach.
   http://www.space.net/~maex/draft-irtf-asrg-mtamark-00.txt
It still needs some polishing before submitting. 

The basic idea is to "mark" MTAs in reverse DNS with a TXT record like
    "ASRG.MTA=yes"
The same way you can mark hosts that should never send eMails accross
the Internet (WAN) with   "ASRG.MTA=no".
While this is a weaker criterion than the RMX ones, it deploys existings
techniques, is easy, fast and cheap to implement and doesn't have the
drawbacks of RMX style proposals.

Comments welcome ;-)

	\Maex

P.S. A reference implementation that works as a kind of dispatcher (like
     DJB's rblsmptd) will be available soon.

-- 
SpaceNet AG            | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development |       D-80807 Muenchen    | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
 proportional to the amount of vacuity between the ears of the admin"



<<< Chronological >>> Author    Subject <<< Threads >>>