Re: [Asrg] More reasons you can't overload POP and IMAP server names

John Levine <johnl@taugh.com> Sun, 07 February 2010 02:54 UTC

Return-Path: <johnl@iecc.com>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 0C7CA3A7151 for <asrg@core3.amsl.com>; Sat, 6 Feb 2010 18:54:44 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -18.621
X-Spam-Level:
X-Spam-Status: No, score=-18.621 tagged_above=-999 required=5 tests=[AWL=-0.422, BAYES_00=-2.599, GB_FREEBONUS=1, HABEAS_ACCREDITED_SOI=-4.3, RCVD_IN_BSP_TRUSTED=-4.3, RCVD_IN_DNSWL_HI=-8]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id n9hr38pwL-qn for <asrg@core3.amsl.com>; Sat, 6 Feb 2010 18:54:43 -0800 (PST)
Received: from gal.iecc.com (gal.iecc.com [208.31.42.53]) by core3.amsl.com (Postfix) with ESMTP id C0C493A6FE6 for <asrg@irtf.org>; Sat, 6 Feb 2010 18:54:42 -0800 (PST)
Received: (qmail 90891 invoked from network); 7 Feb 2010 02:55:38 -0000
Received: from mail1.iecc.com (208.31.42.56) by mail1.iecc.com with QMQP; 7 Feb 2010 02:55:38 -0000
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=iecc.com; h=date:message-id:from:to:subject:in-reply-to:cc:mime-version:content-type:content-transfer-encoding; s=k1002; olt=johnl@user.iecc.com; bh=mv9UdlkRtRpOPjBlDmvgz1hsUTB2aqSncgZTASJf6k8=; b=lVvFXlX0FxVjd9ak0gnUKBu5fib3s83T/Kg0vFMSP9R8FdJA028VX9TXEE4AizKthbb5u84vlOGJdFxdAiiGLkOTUT2eZ0v84nrCe5WaU+A0oaur30Jn5AIx3SI6pDfZNQEJ0G6fCyGK2XDkDocLzsNBN1PmpY+9UCmHxY4G6kY=
DKIM-Signature: v=1; a=rsa-sha256; c=simple; d=taugh.com; h=date:message-id:from:to:subject:in-reply-to:cc:mime-version:content-type:content-transfer-encoding; s=k1002; bh=mv9UdlkRtRpOPjBlDmvgz1hsUTB2aqSncgZTASJf6k8=; b=Skj847e9xYBLgKKRlbFZOnp1t0DmTfnQChGf/CQ4eWm0aalyg1qyXawmVkdBwzEjcPmkVAEAd9Hy0fmnrIggbd+yC2zR4pxacnWwtdixdia8ZACCAWKmutkjo24lnO5fiknGeFoZ0gANjFHoo/yBCMJJ4Gqv2+gVyBLc4dXvVTI=
Date: 7 Feb 2010 02:55:37 -0000
Message-ID: <20100207025537.5839.qmail@simone.iecc.com>
From: John Levine <johnl@taugh.com>
To: asrg@irtf.org
In-Reply-To: <4B6E0BA2.5080001@bbiw.net>
Organization:
Cc:
X-Headerized: yes
Mime-Version: 1.0
Content-type: text/plain; charset=iso-8859-1
Content-transfer-encoding: 7bit
Subject: Re: [Asrg] More reasons you can't overload POP and IMAP server names
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 07 Feb 2010 02:54:44 -0000

>You left out yahoo, google, comcast, att, and the broad range of
>non-US-based major ISPs.

Oh, sorry.  Here you go.  As a free bonus, I did Hotmail, too.  I'm
modestly (but not hugely) surprised that every one of these uses at
least one level of CNAME.  As you may recall, putting something at a
subdomain of a CNAME is rather naughty, so where do you plan to put
your TXT record?

$ dig pop.comcast.net a
;; ANSWER SECTION:
pop.comcast.net.	7200	IN	CNAME	mail.comcast.net.
mail.comcast.net.	900	IN	CNAME	mail.g.comcast.net.
mail.g.comcast.net.	300	IN	A	76.96.30.119


; AT&T DSL POP server
; the first CNAME is also the name used for Yahoo's own POP service
$ dig pop.sbc.yahoo.com a 
;; ANSWER SECTION:
pop.sbc.yahoo.com.	1798	IN	CNAME	pop.mail.yahoo.com.
pop.mail.yahoo.com.	598	IN	CNAME	pop.plus.mail.yahoo.com.
pop.plus.mail.yahoo.com. 298	IN	CNAME	pop.plus.mail.fy4.b.yahoo.com.
pop.plus.mail.fy4.b.yahoo.com. 300 IN	A	206.190.53.11


$ dig pop.aol.com a
;; ANSWER SECTION:
pop.aol.com.		3600	IN	CNAME	open.imap.aol.com.
open.imap.aol.com.	3600	IN	CNAME	open.gopen.imap.aol.com.
open.gopen.imap.aol.com. 4	IN	A	205.188.200.149

$ dig imap.aol.com a
;; ANSWER SECTION:
imap.aol.com.		501	IN	CNAME	open.imap.aol.com.
open.imap.aol.com.	3016	IN	CNAME	open.gopen.imap.aol.com.
open.gopen.imap.aol.com. 10	IN	A	64.12.168.246


$ dig imap.gmail.com a
;; ANSWER SECTION:
imap.gmail.com.		146	IN	CNAME	gmail-imap.l.google.com.
gmail-imap.l.google.com. 146	IN	A	74.125.93.109
gmail-imap.l.google.com. 146	IN	A	74.125.93.111

; POP for Google, also for Virgin.net, the largest cableco in the UK
$ dig pop.googlemail.com a
;; ANSWER SECTION:
pop.googlemail.com.	600	IN	CNAME	googlemail-pop.l.google.com.
googlemail-pop.l.google.com. 300 IN	A	74.125.91.16

; POP server for Hotmail
$ dig pop3.live.com a
;; ANSWER SECTION:
pop3.live.com.		2508	IN	CNAME	pop3.hot.glbdns.microsoft.com.
pop3.hot.glbdns.microsoft.com. 27 IN	A	65.55.32.247


; POP server for BT Internet, the largest ISP in the UK, with mail hosted by Yahoo
$ dig  mail.btinternet.com a
;; ANSWER SECTION:
mail.btinternet.com.	600	IN	CNAME	pop-smtp.bt.mail.yahoo.com.
pop-smtp.bt.mail.yahoo.com. 1800 IN	CNAME	pop-smtp.bt.mail.fy5.b.yahoo.com.
pop-smtp.bt.mail.fy5.b.yahoo.com. 300 IN A	217.12.13.134
pop-smtp.bt.mail.fy5.b.yahoo.com. 300 IN A	217.146.188.192


Here's two different domains at the largest ISP in France that use
different A records to point to the same set of POP servers.  I don't
know whether these are only names that customers use to refer to those
servers.  From what I've seen of France Telecom, I wouldn't count on
them knowing, either.

$ dig pop.orange.fr a
;; ANSWER SECTION:
pop.orange.fr.		514	IN	A	193.252.23.65
pop.orange.fr.		514	IN	A	80.12.242.8
pop.orange.fr.		514	IN	A	80.12.242.14
pop.orange.fr.		514	IN	A	80.12.242.51
pop.orange.fr.		514	IN	A	80.12.242.60
pop.orange.fr.		514	IN	A	80.12.242.90
pop.orange.fr.		514	IN	A	80.12.242.143
pop.orange.fr.		514	IN	A	80.12.242.149
pop.orange.fr.		514	IN	A	193.252.22.85
pop.orange.fr.		514	IN	A	193.252.22.90

$ dig pop.wanadoo.fr a
;; ANSWER SECTION:
pop.wanadoo.fr.		600	IN	A	80.12.242.8
pop.wanadoo.fr.		600	IN	A	80.12.242.14
pop.wanadoo.fr.		600	IN	A	80.12.242.51
pop.wanadoo.fr.		600	IN	A	80.12.242.60
pop.wanadoo.fr.		600	IN	A	80.12.242.90
pop.wanadoo.fr.		600	IN	A	80.12.242.143
pop.wanadoo.fr.		600	IN	A	80.12.242.149
pop.wanadoo.fr.		600	IN	A	193.252.22.85
pop.wanadoo.fr.		600	IN	A	193.252.22.90
pop.wanadoo.fr.		600	IN	A	193.252.23.65


>And for reference, you are postulating that the DNS-based query is
>hugely expensive for those providers using your scenario, but I'm not
>convinced that it does.

No, I'm pointing out that the DNS configuration would often be much,
much more complicated than adding a single TXT record per server, if
it's even possible to do, and is therefore much, much harder to get
right.

>You appear to be postulating that the DNS query would fail.  Please
>explain how and in what cases.

See many prior messages.

R's,
John