Re: A request to all mail admins

From: Jem Berkes (jb_at_users.pc9.org)
Date: 08/28/03 

Date: 28 Aug 2003 14:20:56 GMT

> d) It would be nice if there were more of a way to tie in checks that
> "is the bounce likely to go back where it came from?" at SMTP stage;
> we already have the ability to do MX lookups on the
> Sender/Return-Path/mail-from domain, and to connect into those MXes to
> see if they accept mail for the user from <>; it should be possible to
> devise an algorithm where the closeness of IP# for the MX of the
> return-path-to-be-used-in-a-bounce is measured relative to the
> incoming connection - that way, relayed mail can be detected, and you
> can influence your do-I-bounce-this-virus? decision accordingly as
> well.

If it was possible to check this, it truly would be a dream come true; this
would solve much of the spam issue or at least make the sender responsible
for their actions because they couldn't forge the From field.

There were several huge discussions on slashdot about this, which I read in
for ideas. The problem is getting everyone to ADOPT any proposed new
scheme, so the best idea is to stick close to what we already have.

One suggestion that has been well formulated is the RMX resource record in
DNS. A domain owner would list all mail servers authorized to send mail on
behalf of the domain name. Mail servers that support RMX checking would do
a type=RMX lookup on the domain name in the From field, and get back a list
of authorized relay IPs for the domain. Then it's a simple check; is the
connecting mail relay one of these authorized IPs?

It's a nice method because it's purely an extension of what already exists,
using familiar DNS. And it allows hotmail.com and little domains alike the
ability to protect _themselves_ from being used as forged addresses.