Re: [Asrg] rDNS
Alessandro Vesely <vesely@tana.it> Fri, 29 May 2009 09:39 UTC
Return-Path: <vesely@tana.it>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 87DDE3A6F40 for <asrg@core3.amsl.com>; Fri, 29 May 2009 02:39:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 0.443
X-Spam-Level:
X-Spam-Status: No, score=0.443 tagged_above=-999 required=5 tests=[AWL=-0.697, BAYES_20=-0.74, HELO_EQ_IT=0.635, HOST_EQ_IT=1.245]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6P8PC-T2r817 for <asrg@core3.amsl.com>; Fri, 29 May 2009 02:39:37 -0700 (PDT)
Received: from wmail.tana.it (mail.tana.it [62.94.243.226]) by core3.amsl.com (Postfix) with ESMTP id 9E25B3A6F2C for <asrg@irtf.org>; Fri, 29 May 2009 02:39:37 -0700 (PDT)
Received: from [172.25.197.158] (pcale.tana [172.25.197.158]) (AUTH: CRAM-MD5 ale@tana.it, TLS: TLS1.0, 256bits, RSA_AES_256_CBC_SHA1) by wmail.tana.it with esmtp; Fri, 29 May 2009 11:41:05 +0200 id 00000000005DC031.000000004A1FADB1.000039F8
Message-ID: <4A1FADBE.3050100@tana.it>
Date: Fri, 29 May 2009 11:41:18 +0200
From: Alessandro Vesely <vesely@tana.it>
User-Agent: Thunderbird 2.0.0.21 (Windows/20090302)
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <003d01c9dd01$bf3531d0$800c6f0a@china.huawei.com> <4A1A45BA.5030704@swin.edu.au> <3be421270905250718y5d62f6d5odb6f2bebecf418d0@mail.gmail.com> <4A1D7C8A.5060407@tana.it> <200905271821.OAA20063@Sparkle.Rodents-Montreal.ORG> <728E5AC5-061F-4C93-AFAD-B889195FF0CD@mail-abuse.org> <200905272011.QAA21141@Sparkle.Rodents-Montreal.ORG> <4A1E9D1E.20400@tana.it> <200905290400.AAA10287@Sparkle.Rodents-Montreal.ORG>
In-Reply-To: <200905290400.AAA10287@Sparkle.Rodents-Montreal.ORG>
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Content-Transfer-Encoding: 7bit
Subject: Re: [Asrg] rDNS
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 29 May 2009 09:39:38 -0000
der Mouse wrote: >> IMHO, synthesizing informations on that basis is symptomatic of >> technologies in their infancy being desperately greedy for data they >> cannot obtain [otherwise]. > > "Synthesizing" information? What's synthetic about (paraphrased) "your > rDNS is missing or broken, so I won't listen to you"? One of the implied major premises is synthetic. The complete logic chain reads: * I won't listen to clueless hosts (arbitrary, but legitimate premise) * all hosts with a missing or broken rDNS are clueless (synthetic) * your rDNS is missing or broken (fact) * so I won't listen to you (conclusion) If I lived in a land where all ISPs obey a policy of not setting rDNS, I could opt for setting up a host in a different country, give up rDNS, or emigrate. The second choice if not bad, given that I like to see the hardware and have a few reasons to tread this soil. Local ISP market should not affect the reliability of hosts operating in that area. > [rDNS is required] because it correlates with having clue > (thereby being less likely to be a problem). I'm not holding that it's wrong. Possibly, a good deal of ISPs do rfc2317 delegations (if the customers insist.) Hence, statistically, those who don't set up rDNS are clueless. However, general assumptions based on statistical indications are synthetic. The fact that you have to use them indicates that email technology (or ISP market) is immature. Specifically, the "iprev" authentication method described in rfc5451 should not be strictly required. At least, if an SMTP connection is not accepted (or accepted with high suspicion) because of that reason, the client should be made aware of this circumstance, possibly allowing it to suggest alternative authentication methods or relay its mail through alternative paths. (The second part of this paragraph is the subject of draft-vesely-vhlo.)
- [Asrg] DNS-based Email Sender Authentication Mech… Amir Herzberg
- Re: [Asrg] DNS-based Email Sender Authentication … Dave CROCKER
- Re: [Asrg] DNS-based Email Sender Authentication … Steve Atkins
- [Asrg] 答复: DNS-based Email Sender Authentication … Sean Shen
- Re: [Asrg] ´ð¸´: DNS-based Email Sender Authentic… grenville armitage
- Re: [Asrg] DNS-based Email Sender Authentication … Jose-Marcio Martins da Cruz
- Re: [Asrg] ´ð¸´: DNS-based Email Sender Authentic… Amir Herzberg
- Re: [Asrg] DNS-based Email Sender Authentication … Douglas Otis
- Re: [Asrg] DNS-based Email Sender Authentication … der Mouse
- Re: [Asrg] DNS-based Email Sender Authentication … John Leslie
- Re: [Asrg] DNS-based Email Sender Authentication … Douglas Otis
- Re: [Asrg] DNS-based Email Sender Authentication … Amir Herzberg
- Re: [Asrg] DNS-based Email Sender Authentication … Douglas Otis
- Re: [Asrg] DNS-based Email Sender Authentication … Jose-Marcio Martins da Cruz
- Re: [Asrg] DNS-based Email Sender Authentication … Chris Lewis
- Re: [Asrg] DNS-based Email Sender Authentication … Amir Herzberg
- Re: [Asrg] DNS-based Email Sender Authentication … Jose-Marcio Martins da Cruz
- Re: [Asrg] DNS-based Email Sender Authentication … Alessandro Vesely
- Re: [Asrg] DNS-based Email Sender Authentication … Dave CROCKER
- Re: [Asrg] DNS-based Email Sender Authentication … Douglas Otis
- Re: [Asrg] DNS-based Email Sender Authentication … Chris Lewis
- Re: [Asrg] DNS-based Email Sender Authentication … Alessandro Vesely
- Re: [Asrg] DNS-based Email Sender Authentication … Douglas Otis
- Re: [Asrg] DNS-based Email Sender Authentication … der Mouse
- Re: [Asrg] rDNS Douglas Otis
- Re: [Asrg] DNS-based Email Sender Authentication … Chris Lewis
- Re: [Asrg] rDNS der Mouse
- Re: [Asrg] DNS-based Email Sender Authentication … John Levine
- [Asrg] DNS over SCTP (was: Re: DNS-based Email Se… Alessandro Vesely
- Re: [Asrg] rDNS Alessandro Vesely
- Re: [Asrg] DNS over SCTP Alessandro Vesely
- Re: [Asrg] DNS over SCTP Alessandro Vesely
- Re: [Asrg] DNS over SCTP (was: Re: DNS-based Emai… SM
- Re: [Asrg] DNS over SCTP Douglas Otis
- Re: [Asrg] rDNS der Mouse
- Re: [Asrg] rDNS Alessandro Vesely
- Re: [Asrg] DNS over SCTP Alessandro Vesely
- Re: [Asrg] DNS over SCTP Alessandro Vesely
- Re: [Asrg] rDNS der Mouse
- Re: [Asrg] DNS-based Email Sender Authentication … Florian Weimer
- Re: [Asrg] DNS-based Email Sender Authentication … Douglas Otis
- Re: [Asrg] DNS over SCTP Douglas Otis
- Re: [Asrg] rDNS discrimination Alessandro Vesely
- Re: [Asrg] DNS over SCTP (was: Re: DNS-based Emai… Stephane Bortzmeyer
- Re: [Asrg] DNS over SCTP Stephane Bortzmeyer
- Re: [Asrg] DNS over SCTP David Conrad
- Re: [Asrg] DNS over SCTP Paul Wouters
- Re: [Asrg] DNSSEC is NOT secure end to end Thierry Moreau
- Re: [Asrg] DNS over SCTP David Conrad
- Re: [Asrg] DNS over SCTP Masataka Ohta
- Re: [Asrg] DNS over SCTP Michael Tüxen
- Re: [Asrg] DNS over SCTP Paul Wouters
- Re: [Asrg] DNS over SCTP (was: Re: DNS-based Emai… Francis Dupont
- Re: [Asrg] DNS over SCTP Francis Dupont
- Re: [Asrg] DNS over SCTP David Conrad
- Re: [Asrg] DNS over SCTP Francis Dupont
- Re: [Asrg] DNSSEC is NOT secure end to end Masataka Ohta
- Re: [Asrg] DNSSEC is NOT secure end to end Bill Manning
- Re: [Asrg] DNS-based Email Sender Authentication … Florian Weimer
- Re: [Asrg] DNSSEC is NOT secure end to end Francis Dupont
- Re: [Asrg] DNSSEC is NOT secure end to end Christian Huitema
- Re: [Asrg] DNS-based Email Sender Authentication … Douglas Otis
- Re: [Asrg] DNS-based Email Sender Authentication … Amir Herzberg
- Re: [Asrg] DNSSEC is NOT secure end to end Masataka Ohta
- Re: [Asrg] DNSSEC is NOT secure end to end Paul Wouters
- Re: [Asrg] DNSSEC is NOT secure end to end Richard Barnes
- Re: [Asrg] DNSSEC is NOT secure end to end (more … Richard Barnes
- Re: [Asrg] DNSSEC is NOT secure end to end David Wilson
- Re: [Asrg] DNSSEC is NOT secure end to end (more … Thierry Moreau
- Re: [Asrg] DNSSEC is NOT secure end to end (more … Thierry Moreau
- Re: [Asrg] DNSSEC is NOT secure end to end Masataka Ohta
- Re: [Asrg] DNSSEC is NOT secure end to end (more … Masataka Ohta
- Re: [Asrg] DNSSEC is NOT secure end to end Masataka Ohta
- Re: [Asrg] DNSSEC is NOT secure end to end (more … Mark Andrews
- Re: [Asrg] DNSSEC is NOT secure end to end (more … Masataka Ohta
- Re: [Asrg] DNSSEC is NOT secure end to end Christian Huitema
- Re: [Asrg] DNSSEC is NOT secure end to end Masataka Ohta
- Re: [Asrg] DNSSEC is NOT secure end to end Masataka Ohta
- Re: [Asrg] DNSSEC is NOT secure end to end Doug Otis
- Re: [Asrg] DNSSEC is NOT secure end to end Paul Wouters
- Re: [Asrg] DNSSEC is NOT secure end to end Doug Otis
- Re: [Asrg] DNSSEC is NOT secure end to end Masataka Ohta
- Re: [Asrg] DNSSEC is NOT secure end to end Masataka Ohta
- Re: [Asrg] DNSSEC is NOT secure end to end David Wilson
- Re: [Asrg] DNSSEC is NOT secure end to end David Wilson
- Re: [Asrg] DNSSEC is NOT secure end to end Masataka Ohta
- [Asrg] RISC is end to end (was Re: DNSSEC is NOT … Masataka Ohta
- Re: [Asrg] DNSSEC is NOT secure end to end David Wilson
- Re: [Asrg] DNSSEC is NOT secure end to end David Wilson
- Re: [Asrg] DNSSEC is NOT secure end to end Masataka Ohta
- Re: [Asrg] DNSSEC is NOT secure end to end Masataka Ohta
- Re: [Asrg] DNSSEC is NOT secure end to end Masataka Ohta
- Re: [Asrg] DNSSEC is NOT secure end to end der Mouse
- Re: [Asrg] DNS over SCTP Alessandro Vesely