Re: [anti-spam-wg@localhost] Spamhaus & ".mail" TLD

From: furio ercolessi < >
Date: Sat, 27 Mar 2004 15:21:33 +0100

On Fri, Mar 26, 2004 at 05:42:28PM +0000, Jon Lawrence wrote:
> On Friday 26 March 2004 17:21, Antoine Delvaux wrote:
> > What are the comments of the list on the Spamhaus initiative ?
> >
> > http://www.spamhaus.org/tld/index.html
> >
> Interesting idea. But I don't get how it will work in practise. Spammers will 
> simply forge the domain name and spoof the IP address - as they do at present 
> - and the email will still go through. 

.mail is not intended to be used as a sender domain (MAIL FROM).
For the intended usage (IP validation) the only way to forge it
would be DNS poisoning - that is, inject a fake DNS record in the
resolver used by the victim's mailserver.  Not easy.

IP addresses can not be spoofed; the IP address connecting to the
victim's mailserver - as reported by the Received: line produced
by that mailserver - is always correct.  That is the IP address
subjected to the .mail validation procedure.

furio ercolessi

Post To The List:

References:
- [anti-spam-wg@localhost] Spamhaus & ".mail" TLD
  - From: Antoine Delvaux
- Re: [anti-spam-wg@localhost] Spamhaus & ".mail" TLD
  - From: Jon Lawrence

<<< Chronological >>>

Author Subject

<<< Threads >>>