Re: [anti-spam-wg@localhost] Spamhaus & ".mail" TLD
- Date: Sat, 27 Mar 2004 15:21:33 +0100
On Fri, Mar 26, 2004 at 05:42:28PM +0000, Jon Lawrence wrote:
> On Friday 26 March 2004 17:21, Antoine Delvaux wrote:
> > What are the comments of the list on the Spamhaus initiative ?
> >
> > http://www.spamhaus.org/tld/index.html
> >
> Interesting idea. But I don't get how it will work in practise. Spammers will
> simply forge the domain name and spoof the IP address - as they do at present
> - and the email will still go through.
.mail is not intended to be used as a sender domain (MAIL FROM).
For the intended usage (IP validation) the only way to forge it
would be DNS poisoning - that is, inject a fake DNS record in the
resolver used by the victim's mailserver. Not easy.
IP addresses can not be spoofed; the IP address connecting to the
victim's mailserver - as reported by the Received: line produced
by that mailserver - is always correct. That is the IP address
subjected to the .mail validation procedure.
furio ercolessi