On Fri, Oct 10, 2003 at 03:09:54PM +1000, Russell Coker wrote: > Joel, can you please provide information on the experimental method for > specifying which IP addresses may be used to send mail from a particular > domain? The one I personally like best, at the moment, is Paul Vixie's proposal (draft-vixie-repudiating-mail-from); however, as has been pointed out, most of the active, or remotely reasonable, proposals have come under the aegis of the IETF ASRG working group, and probably belong there. None of them currently have (nor are they likely to have in the immediate future) enough weight to be terribly useful; the main benefit of the ASRG process is that we will (almost certainly) end up with one protocol blessed with full RFC status, which is a fairly major advantage in terms of convincing mail software writers and DNS maintainers to actually implement it in a widespread enough fashion that it will have noticeable impact. I favor Vixie's proposal primarily because it's simple, elegant, and it requires neither new DNS RR types, nor excessive handling of things which are documented as poor DNS practice, such as widecards. Anything requiring DNS upgrades will take at least five years, if not longer, before it is deployed in sufficient density to be meaningful - many folks still run BIND 4 based resolvers. And the merits of avoiding the use of poor DNS practices should be, well, obvious. Using one special hostname that is unlikely to be used for anything else on an operational network isn't such a high price, by comparison, and it can be implemented entirely at the application level using well-established query pathways (even resolvers that break things like wildcards are unlikely to break MX+priority information). However, as I said, I'm betting that none of them will gain much steam until the ASRG renders a decision. So we'll just have to see what comes out of it. -- Joel Baker <fenton@debian.org> ,''`. Debian GNU NetBSD/i386 porter : :' : `. `' `-
Attachment:
pgpMtJ92VUAUp.pgp
Description: PGP signature