Re: [Asrg] MXs Used As Authentication - Why RMX?
Dave Crocker <dhc@dcrocker.net> Sat, 20 September 2003 01:37 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id VAA01348 for <asrg-archive@odin.ietf.org>; Fri, 19 Sep 2003 21:37:17 -0400 (EDT)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.12.8/8.12.8) with ESMTP id h8K1VhCb020140 for <asrg-archive@odin.ietf.org>; Fri, 19 Sep 2003 21:36:54 -0400
Received: (from exim@localhost) by www1.ietf.org (8.12.8/8.12.8/Submit) id h7PI2hCS003342 for asrg-archive@odin.ietf.org; Mon, 25 Aug 2003 14:02:43 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19rLfr-0000r3-KT for asrg-web-archive@optimus.ietf.org; Mon, 25 Aug 2003 14:02:39 -0400
Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id OAA05145; Mon, 25 Aug 2003 14:02:33 -0400 (EDT)
Received: from localhost.localdomain ([127.0.0.1] helo=www1.ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19rLdh-00006H-Rp; Mon, 25 Aug 2003 14:00:25 -0400
Received: from odin.ietf.org ([132.151.1.176] helo=ietf.org) by optimus.ietf.org with esmtp (Exim 4.20) id 19rJYG-0004rp-6k for asrg@optimus.ietf.org; Mon, 25 Aug 2003 11:46:40 -0400
Received: from ietf-mx (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA24900 for <asrg@ietf.org>; Mon, 25 Aug 2003 11:46:34 -0400 (EDT)
Received: from ietf-mx ([132.151.6.1]) by ietf-mx with esmtp (Exim 4.12) id 19rJYF-0002p6-00 for asrg@ietf.org; Mon, 25 Aug 2003 11:46:39 -0400
Received: from joy.songbird.com ([208.184.79.7]) by ietf-mx with esmtp (Exim 4.12) id 19rJYE-0002og-00 for asrg@ietf.org; Mon, 25 Aug 2003 11:46:38 -0400
Received: from bbprime (jay.songbird.com [208.184.79.253]) by joy.songbird.com (8.11.6/8.11.6) with ESMTP id h7PFohI06284; Mon, 25 Aug 2003 08:50:43 -0700
From: Dave Crocker <dhc@dcrocker.net>
X-Mailer: The Bat! (v1.63 Beta/11) Personal
Reply-To: Dave Crocker <dcrocker@brandenburg.com>
Organization: Brandenburg InternetWorking
X-Priority: 3 (Normal)
Message-ID: <10355000386.20030825084558@brandenburg.com>
To: Sabahattin Gucukoglu <mail@sabahattin-gucukoglu.com>
CC: asrg@ietf.org
Subject: Re: [Asrg] MXs Used As Authentication - Why RMX?
In-Reply-To: <3F49D337.17788.44FD811@localhost>
References: <3F49D337.17788.44FD811@localhost>
MIME-Version: 1.0
Content-type: text/plain; charset="us-ascii"
Content-transfer-encoding: 7bit
Content-Transfer-Encoding: 7bit
Sender: asrg-admin@ietf.org
Errors-To: asrg-admin@ietf.org
X-BeenThere: asrg@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=unsubscribe>
List-Id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-Post: <mailto:asrg@ietf.org>
List-Help: <mailto:asrg-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>, <mailto:asrg-request@ietf.org?subject=subscribe>
List-Archive: <https://www1.ietf.org/mail-archive/working-groups/asrg/>
Date: Mon, 25 Aug 2003 08:45:58 -0700
Content-Transfer-Encoding: 7bit
Content-Transfer-Encoding: 7bit
Sabahattin, SG> Why can't you just SG> resolve the given envelope sender domain, check all of the MXs hostnames SG> and see if any of them matches your connecting machine's IP after SG> resolution to addresses? The hostname could come either from the SMTP Other have noted the fact that inbound SMTP often goes through different hosts than outbound SMTP. Another flaw with proposals like RMX is that the sender's domain name in the Mail-From field often does not have any relationship to the domain name of the machine (MTA) that is actually sending the email. The Mail-From specifies a return address. It is like the return address on a paper mail envelope. When you send paper mail, does the envelope return address does not contain any information about the postal box you put the envelope into. The RMX proposal would require that you pre-register the sender's domain name with any and all "postal boxes" that you might send through. This is especially a problem for anyone who is mobile and sends mail through different relays. More generally, the administrative overhead of such a scheme is problematic. d/ -- Dave Crocker <mailto:dcrocker@brandenburg.com> Brandenburg InternetWorking <http://www.brandenburg.com> Sunnyvale, CA USA <tel:+1.408.246.8253>, <fax:+1.866.358.5301> _______________________________________________ Asrg mailing list Asrg@ietf.org https://www1.ietf.org/mailman/listinfo/asrg
- Re: [Asrg] MXs Used As Authentication - Why RMX? Peter J. Holzer
- Re: [Asrg] MXs Used As Authentication - Why RMX? Bill Cole
- RE: [Asrg] MXs Used As Authentication - Why RMX? Christopher Bird
- Re: [Asrg] MXs Used As Authentication - Why RMX? Brad Knowles
- Re: [Asrg] MXs Used As Authentication - Why RMX? Brad Knowles
- Re: [Asrg] [7b BCP] What may be, versus what is. Alan DeKok
- Re: [Asrg] MXs Used As Authentication - Why RMX? Peter J. Holzer
- Re: [Asrg] [7b BCP] What may be, versus what is. Brad Knowles
- Re: [Asrg] MXs Used As Authentication - Why RMX? Brad Knowles
- Re: [Asrg] MXs Used As Authentication - Why RMX? Yakov Shafranovich
- Re: [Asrg] MXs Used As Authentication - Why RMX? Alan DeKok
- Re: [Asrg] MXs Used As Authentication - Why RMX? Alan DeKok
- Re: [Asrg] MXs Used As Authentication - Why RMX? Bart Schaefer
- Re: [Asrg] MXs Used As Authentication - Why RMX? Dave Crocker
- [Asrg] MXs Used As Authentication - Why RMX? Sabahattin Gucukoglu
- Re: [Asrg] MXs Used As Authentication - Why RMX? waltdnes