Re: [Asrg] VPNs vs consent

Jose-Marcio Martins da Cruz <Jose-Marcio.Martins@mines-paristech.fr> Wed, 01 July 2009 14:45 UTC

Return-Path: <Jose-Marcio.Martins@mines-paristech.fr>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id C84363A6F3F for <asrg@core3.amsl.com>; Wed, 1 Jul 2009 07:45:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.199
X-Spam-Level:
X-Spam-Status: No, score=-2.199 tagged_above=-999 required=5 tests=[AWL=0.050, BAYES_00=-2.599, HELO_EQ_FR=0.35]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5FIL7gBrochH for <asrg@core3.amsl.com>; Wed, 1 Jul 2009 07:45:37 -0700 (PDT)
Received: from boipeva.ensmp.fr (cobra.ensmp.fr [194.214.158.101]) by core3.amsl.com (Postfix) with ESMTP id 6E3FD3A68DB for <asrg@irtf.org>; Wed, 1 Jul 2009 07:45:37 -0700 (PDT)
Received: from localhost.localdomain (minho.ensmp.fr [10.3.5.5]) (authenticated bits=0) by boipeva.ensmp.fr (8.14.3/8.14.3/JMMC-11/Feb/2009) with ESMTP id n61EiKqX012189 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for <asrg@irtf.org>; Wed, 1 Jul 2009 16:44:20 +0200 (MEST)
Message-ID: <4A4B76C8.3080602@mines-paristech.fr>
Date: Wed, 01 Jul 2009 16:46:32 +0200
From: Jose-Marcio Martins da Cruz <Jose-Marcio.Martins@mines-paristech.fr>
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1.21) Gecko/20090507 Fedora/1.1.16-1.fc11 SeaMonkey/1.1.16
MIME-Version: 1.0
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <20090623213728.1825.qmail@simone.iecc.com> <4A41D773.50508@telmon.org> <4A41E506.2010106@mines-paristech.fr> <20090624160052.B5DC62428A@panix5.panix.com> <4A426B9D.7090901@mines-paristech.fr> <4A43618A.6000205@tana.it> <4A437393.3060105@mines-paristech.fr> <212.234.174.167.1726486840.1245941890@webmail.inet.it> <4A439639.9090106@mines-paristech.fr> <4A4A879D.80008@telmon.org>
In-Reply-To: <4A4A879D.80008@telmon.org>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
X-Miltered: at boipeva with ID 4A4B7644.000 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)!
X-j-chkmail-Enveloppe: 4A4B7644.000/10.3.5.5/minho.ensmp.fr/localhost.localdomain/<Jose-Marcio.Martins@mines-paristech.fr>
Subject: Re: [Asrg] VPNs vs consent
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Jose-Marcio.Martins@mines-paristech.fr, Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 01 Jul 2009 14:45:38 -0000

Claudio Telmon wrote:
> Jose-Marcio Martins da Cruz wrote:

> 
> I need some more clarification on this, maybe it's just me not knowing
> enough about MTAs internals. As the border MTA receives a RCPT TO for
> either of these addresses, it should be able to know if it is a valid
> address. In my (very limited) experience, this means that each of these
> addresses mut be defined as a valid address, the MTA doesn't have rules
> to decide that since jose-marcio.martins_da_cruz is a valid address,
> jose-marcio.martins must be valid too. So, if each of these addresses is
> individually defined in some list/database accessed by the MTA, then
> with the same rules, the related token database should be accessed too.
> Should an "automatic aliasing" rule exist, then the same rule could
> exist for the token database. Also, if "somewhere" an alias is defined
> for an address, then the correspondent database could just be a pointer
> to the database of the "main" address. This could even implement "chains
> of aliases" as "chains of pointers to token databases".

The border MTA surely knows a list of valid addresses, but it may not know, all the time, 
that all this addresses resolve to the same login - sometimes some addresses are resolved 
in the final internal servers.

But well, you can find some organisations with this kind of thing nowadays. Don't know if 
this shall be taken into account to design future systems.

> I think this is feasible with an appropriate address book manager.
> Anyway, the load is for the MUA, not for the MTA, so the number of users
> shouldn't matter.

Hmmm. If the border MTA accept and the MUA reject by lack of consent, a bounce is generated.


-- 
  ---------------------------------------------------------------
  Jose Marcio MARTINS DA CRUZ           http://j-chkmail.ensmp.fr
  Ecole des Mines de Paris
  60, bd Saint Michel                      75272 - PARIS CEDEX 06
  mailto:Jose-Marcio.Martins@mines-paristech.fr