Re: [Asrg] overloading server names doesn't work, was who has the message

"John R Levine" <johnl@taugh.com> Tue, 09 February 2010 02:27 UTC

Date: 8 Feb 2010 21:28:10 -0500
Message-ID: <alpine.BSF.2.00.1002082110250.10191@simone.lan>
From: "John R Levine" <johnl@taugh.com>
To: dcrocker@bbiw.net
In-Reply-To: <4B70BCCB.5020405@dcrocker.net>
References: <20100209012039.98092.qmail@simone.iecc.com> <4B70BCCB.5020405@dcrocker.net>
Cc: Anti-Spam Research Group - IRTF <asrg@irtf.org>
Subject: Re: [Asrg] overloading server names doesn't work, was who has the message

>> ISP in the UK.  Can you describe the DNS changes needed if they were
>> publishing a spam button address?
>> $ dig  mail.btinternet.com a
>> ;; ANSWER SECTION:
>> mail.btinternet.com.    600     IN      CNAME   pop-smtp.bt.mail.yahoo.com.
>> pop-smtp.bt.mail.yahoo.com. 1800 IN     CNAME   pop-smtp.bt.mail.fy5.b.yahoo.com.
>> pop-smtp.bt.mail.fy5.b.yahoo.com. 300 IN A      217.12.13.134
>> pop-smtp.bt.mail.fy5.b.yahoo.com. 300 IN A      217.146.188.192
>
> I don't hack DNS records enough to be sure, but it appears to need exactly 
> one new record:
>
> _report.pop-smtp.bt.mail.fy5.b.yahoo.com IN TXT   abuse-report@yahoo.com

Nope, that won't work.  CNAMEs don't do a partial match.

> _report.pop-smtp.bt.mail.fy5.b.yahoo.com IN TXT   abuse-report@yahoo.com
> _report.pop-smtp.bt.mail.yahoo.com IN TXT   abuse-report@yahoo.com
> _report.mail.btinternet.com IN TXT   abuse-report@yahoo.com

That won't work, either.  You can't have DNS records below a CNAME.

By the way, I was wrong about SRV records.  This DNS hack just doesn't 
work, but it won't work much more elegantly with RP records.  See RFC 
1183.

Regards,
John Levine, johnl@taugh.com, Taughannock Networks, Trumansburg NY
"I dropped the toothpaste", said Tom, crestfallenly.
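
The following is an added example, not part of the original message: a toy lookup over the records quoted above, showing why a query for `_report.mail.btinternet.com` never reaches the single proposed TXT record. It models only exact-owner-name matching and CNAME chasing as described in RFC 1034; `RECORDS` and `resolve` are names invented for this sketch.

```python
# Constructed zone data: the records from the dig output quoted in the
# message, plus the one TXT record proposed in the quoted reply.
RECORDS = {
    ("mail.btinternet.com.", "CNAME"): ["pop-smtp.bt.mail.yahoo.com."],
    ("pop-smtp.bt.mail.yahoo.com.", "CNAME"): ["pop-smtp.bt.mail.fy5.b.yahoo.com."],
    ("pop-smtp.bt.mail.fy5.b.yahoo.com.", "A"): ["217.12.13.134", "217.146.188.192"],
    ("_report.pop-smtp.bt.mail.fy5.b.yahoo.com.", "TXT"): ["abuse-report@yahoo.com"],
}


def resolve(qname, qtype, max_chain=8):
    """Look up qname/qtype, following CNAMEs the way a resolver does.

    Returns (chain, rdata): chain lists the (alias, target) pairs that were
    followed, rdata is the answer data, or [] when nothing matches.
    A CNAME is consulted only when its owner name equals the query name
    exactly; it never rewrites names that merely end in that owner name.
    """
    chain = []
    name = qname.lower()
    for _ in range(max_chain):
        if (name, qtype) in RECORDS:
            return chain, RECORDS[(name, qtype)]
        alias = RECORDS.get((name, "CNAME"))
        if alias is None:
            return chain, []          # no data and no alias at this exact name
        chain.append((name, alias[0]))
        name = alias[0]               # restart the lookup at the alias target
    raise RuntimeError("CNAME chain too long")


if __name__ == "__main__":
    queries = [
        ("mail.btinternet.com.", "A"),
        ("_report.mail.btinternet.com.", "TXT"),
        ("_report.pop-smtp.bt.mail.fy5.b.yahoo.com.", "TXT"),
    ]
    for qname, qtype in queries:
        chain, rdata = resolve(qname, qtype)
        print(qname, qtype, "followed", len(chain), "CNAME(s) ->", rdata or "no answer")
```
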