Re: [Asrg] What are the IPs that sends mail for a domain?

Alessandro Vesely <vesely@tana.it> Wed, 17 June 2009 13:32 UTC

Bill Cole wrote:
> Lyndon Nerenberg wrote, On 6/16/09 9:55 PM:
>> On Tue, 2009-06-16 at 17:24 -0700, Douglas Otis wrote:
>>> IMHO, all outbound MTAs should be required to return CVS records for
>>> their EHLO name and offer MX records for their inbound.
>>
>> Doug, are you sure that's what you meant to say? The sentence is a bit
>> ambiguous. Are you really saying any host that sends mail (is an SMTP
>> client) MUST also host a listed SMTP server?
> 
> I can't testify to what he meant, but I think what he is actually saying 
> is that if you have a machine that says "EHLO some.name" then there 
> should be both a MX record for some.name and a SRV record for 
> _client._smtp.some.name (i.e. a CSV/CSA record).

However, the standard requires that it says "EHLO host-at.some.name". 
It is a seemingly simple task to drop the leftmost label(s) so as to 
obtain the mail domain, but doing that properly requires a zone cut 
algorithm that most servers miss.

> That doesn't mean requiring inbound SMTP on every outbound, it means 
> requiring an affirmation in DNS that a name can be used in EHLO by a 
> particular IP address and a way to get mail to the responsible party for 
> the machine(s) using that name in EHLO. This is an admirable goal. A 
> weaker goal would be to get people running non-spamming mail servers to 
> follow the existing accepted standard of using a valid resolvable FQDN 
> in EHLO.

If we have a weaker goal and an admirable one, we're better off if 
they don't conflict with each other. We cannot ask for a domain name 
after EHLO, except for tiny ESPs whose domain name, host name, and IP 
address are the same thing. If we need the domain name, we can either 
mandate the zone cut algorithm, or use a different verb than EHLO.
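
Added example, not part of the original message: a sketch contrasting fixed label stripping with a zone-cut walk for deriving a domain from an EHLO name. It assumes the zone apex (the closest ancestor owning an SOA record) is the domain being sought; the names, the ZONE_APEXES table and the has_soa helper are constructed stand-ins for live DNS SOA queries.

```python
# Constructed sample data: names that own an SOA record (zone apexes).
# A real implementation would issue SOA queries instead of using this set.
ZONE_APEXES = {
    "com", "uk", "co.uk",
    "example.com", "example.co.uk",
    "tiny.example",          # host name and domain name are the same thing
}


def has_soa(name):
    """Hypothetical stand-in for 'does this name answer an SOA query?'."""
    return name in ZONE_APEXES


def naive_mail_domain(ehlo_name, drop=1):
    """Drop a fixed number of leftmost labels from the EHLO name."""
    labels = ehlo_name.rstrip(".").lower().split(".")
    return ".".join(labels[drop:])


def zone_cut(ehlo_name, soa_lookup=has_soa):
    """Walk from the full name towards the root and return the first
    ancestor (the name itself included) that is a zone apex."""
    labels = ehlo_name.rstrip(".").lower().split(".")
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if soa_lookup(candidate):
            return candidate
    return None  # no enclosing zone known: treat the EHLO name as unverifiable


if __name__ == "__main__":
    for name, drop in [
        ("mail.out.example.com", 1),   # two host labels: dropping one is too few
        ("smtp.example.co.uk", 2),     # dropping two lands on a public suffix
        ("tiny.example", 1),           # the host name is already the apex
    ]:
        print(f"{name:24} naive={naive_mail_domain(name, drop)!r:20} "
              f"zone_cut={zone_cut(name)!r}")
```

No fixed number of dropped labels is right for all three names, which is why the walk has to consult DNS at each step.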