Re: [Asrg] What are the IPs that sends mail for a domain?

Peter Koch <pk@DENIC.DE> Sun, 05 July 2009 13:56 UTC

Return-Path: <peter@denic.de>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id E8D4A3A6BC2 for <asrg@core3.amsl.com>; Sun, 5 Jul 2009 06:56:20 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.758
X-Spam-Level:
X-Spam-Status: No, score=-5.758 tagged_above=-999 required=5 tests=[AWL=0.491, BAYES_00=-2.599, HELO_EQ_DE=0.35, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WJ+MTFUkwYoo for <asrg@core3.amsl.com>; Sun, 5 Jul 2009 06:56:20 -0700 (PDT)
Received: from office.denic.de (gw-office.denic.de [81.91.160.182]) by core3.amsl.com (Postfix) with ESMTP id 1A8DB3A682F for <asrg@irtf.org>; Sun, 5 Jul 2009 06:56:19 -0700 (PDT)
Received: from x27.adm.denic.de ([10.122.64.128]) by office.denic.de with esmtp id 1MNSCx-0001Fa-Cv; Sun, 05 Jul 2009 15:56:43 +0200
Received: from localhost by x27.adm.denic.de with local id 1MNSCu-0006G5-9X; Sun, 05 Jul 2009 15:56:40 +0200
Date: Sun, 5 Jul 2009 15:56:40 +0200
From: Peter Koch <pk@DENIC.DE>
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
Message-ID: <20090705135640.GA23558@x27.adm.denic.de>
Mail-Followup-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
References: <B5252B96-F0AB-4D4A-A0DA-8314AA8E038F@mail-abuse.org> <4A3D366E.2020304@tana.it> <934f64a20906201606pff54ca3y904da141013f1d2a@mail.gmail.com> <4A490CC5.8020601@billmail.scconsult.com> <4A49C1DD.8020205@tana.it> <20090630200150.GL57980@verdi> <4A4B709C.2000109@tana.it> <CA9E386E-44BA-4E3B-8A91-A99B07393BA0@mail-abuse.org> <4A4CCC56.8090804@tana.it> <6C4133DD-CAD2-4FE3-8087-9301B46832F6@mail-abuse.org>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <6C4133DD-CAD2-4FE3-8087-9301B46832F6@mail-abuse.org>
User-Agent: Mutt/1.4.2.3i
Sender: Peter Koch <peter@denic.de>
Subject: Re: [Asrg] What are the IPs that sends mail for a domain?
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sun, 05 Jul 2009 13:56:21 -0000

Doug,

On Thu, Jul 02, 2009 at 12:43:53PM -0700, Douglas Otis wrote:

> When the EHLO host name references IP addresses that match the  
> Outbound MTA, this verifies there is a common administration between  
> the FQDN and DNS.

the DNS namespace is of very little help when it comes to conclusions about
"common administration".  See, for example, RFC 5507, section 4:

   DNS hierarchy neither follows nor implies administrative hierarchy.
   Because of that, it cannot be assumed that data attached to a node in
   the DNS tree is valid for the whole subtree. [...]

Since I'm sure you were already aware of this, I'm wondering in what way
I might have misread your statement.

-Peter