Re: [Asrg] overloading server names doesn't work, was who has the message

Dave CROCKER <dcrocker@bbiw.net> Tue, 09 February 2010 16:50 UTC

Return-Path: <dcrocker@bbiw.net>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 3D3233A741E for <asrg@core3.amsl.com>; Tue, 9 Feb 2010 08:50:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.582
X-Spam-Level:
X-Spam-Status: No, score=-6.582 tagged_above=-999 required=5 tests=[AWL=0.017, BAYES_00=-2.599, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id LRK8L3Uc6TKO for <asrg@core3.amsl.com>; Tue, 9 Feb 2010 08:50:21 -0800 (PST)
Received: from sbh17.songbird.com (sbh17.songbird.com [72.52.113.17]) by core3.amsl.com (Postfix) with ESMTP id 166D33A73E9 for <asrg@irtf.org>; Tue, 9 Feb 2010 08:50:21 -0800 (PST)
Received: from [192.168.1.43] (adsl-68-122-70-87.dsl.pltn13.pacbell.net [68.122.70.87]) (authenticated bits=0) by sbh17.songbird.com (8.13.8/8.13.8) with ESMTP id o19GpMAW003837 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Tue, 9 Feb 2010 08:51:27 -0800
Message-ID: <4B719287.1000708@bbiw.net>
Date: Tue, 09 Feb 2010 08:51:19 -0800
From: Dave CROCKER <dcrocker@bbiw.net>
Organization: Brandenburg InternetWorking
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.1.7) Gecko/20100111 Thunderbird/3.0.1
MIME-Version: 1.0
To: John R Levine <johnl@taugh.com>
References: <20100209012039.98092.qmail@simone.iecc.com> <4B70BCCB.5020405@dcrocker.net> <alpine.BSF.2.00.1002082110250.10191@simone.lan> <4B717F89.9060901@dcrocker.net> <alpine.BSF.2.00.1002091121080.5333@simone.lan>
In-Reply-To: <alpine.BSF.2.00.1002091121080.5333@simone.lan>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-Virus-Scanned: ClamAV 0.92/10371/Tue Feb 9 05:33:13 2010 on sbh17.songbird.com
X-Virus-Status: Clean
X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.0 (sbh17.songbird.com [72.52.113.17]); Tue, 09 Feb 2010 08:51:28 -0800 (PST)
Cc: Anti Spam Research Group <asrg@irtf.org>
Subject: Re: [Asrg] overloading server names doesn't work, was who has the message
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Feb 2010 16:50:22 -0000

On 2/9/2010 8:40 AM, John R Levine wrote:
>>>>> mail.btinternet.com. 600 IN CNAME pop-smtp.bt.mail.yahoo.com.
>>>>> pop-smtp.bt.mail.yahoo.com. 1800 IN CNAME
>>>>> pop-smtp.bt.mail.fy5.b.yahoo.com.
>>>>> pop-smtp.bt.mail.fy5.b.yahoo.com. 300 IN A 217.12.13.134
>>>>> pop-smtp.bt.mail.fy5.b.yahoo.com. 300 IN A 217.146.188.192
>>>>
>>>> I don't hack DNS records enought to be sure, but it appears to need
>>>> exactly one new record:
>>>>
>>>> _report.pop-smtp.bt.mail.fy5.b.yahoo.com IN TXT abuse-report@yahoo.com
>>>
>>> Nope, that won't work. CNAMEs don't do a partial match.
>> Then I guess it's lucky I didn't specify one.
>
> But you did. The CNAME only matches its exact name, and doesen't do a
> partial match of names below it. RFC 2181 explains this, albeit not very
> clearly.

Where did I or anyone else specify a partial match?


>>>> _report.pop-smtp.bt.mail.fy5.b.yahoo.com IN TXT abuse-report@yahoo.com
>>>> _report.pop-smtp.bt.mail.yahoo.com IN TXT abuse-report@yahoo.com
>>>> _report.mail.btinternet.com IN TXT abuse-report@yahoo.com
>>>
>>> That won't work, either. You can't have DNS records below a CNAME.
>>
>> I'm not finding where that restriction specified among the list of
>> restrictions I can find, and apparently all of popular the summaries
>> written about CNames have missed it too.
>>
>> Please cite the standards text that specifies it.
>
> Also 2181. I'll go see if there's a clearer explanation somewhere else.

Normally, something finer-grained that a reference to all of 15 pages would be 
expected.

And here it is essential, because I still do not see its specifying what you are 
claiming.

Please cite the specific text that asserts the constraint that you believe makes 
it illegal to have a subdomain name, under a domain with a CNAME.


d/
-- 

   Dave Crocker
   Brandenburg InternetWorking
   bbiw.net