Merit Network
Can't find what you're looking for? Search the Mail Archives.
  About Merit   Services   Network   Resources & Support   Network Research   News   Events   Home

Discussion Communities: Merit Network Email List Archives

North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: IETF SMTP Working Group Proposal at smtpng.org

  • From: Jared Mauch
  • Date: Wed Aug 21 16:20:30 2002

	If there were some sort of smtp callback pki, as long as
you controled your dns and server you could do something useful
on that front.

	here's an example i gave last night in a private
e-mail:

-- snip --
        There is an important need to perform callback but allow for
the ability to protect information from possible spammers for
harvesting/verificiation.

        eg:

        220 welcome, but no spam
        ehlo spammer
        250-callback-secure
        250 help
        mail from:<spammer@hotmail.com> callback=spammer.example.com
        250 ok
        rcpt to:<jared@nether.net>
        451 try again, pending callback

        vs:

        220 welcome, but no spam
        ehlo spammer
        250-callback-secure
        250 help
        mail from:<spammer@hotmail.com> callback=spammer.example.com
        250 ok
        rcpt to:<nouser@nether.net>
        550 no such user here

        there's also the need to do some sort of pki to allow
callback to be secure.  eg: the dns record for nether.net should have
some public-key in it and then some other stuff like possibly

mail from:<realuser@hotmail.com> callback=validate.hotmail.com;key=<alkjsdfj>   
then pass the 'key' through the public-key availble via dns to
provide back an authentication system to allow for more secure
callback.

        but this can still be abused depending...

        just some thoughts,
-- snip --

	- jared

On Wed, Aug 21, 2002 at 02:38:31PM -0500, Larry Rosenman wrote:
> 
> What about individuals that run their own mail servers?  (E.G. me).? 
> 
> 
> 
> On Wed, 2002-08-21 at 14:28, Derek Samford wrote:
> > 
> > I really like this. A sort of IRR for mail servers. Maybe when
> > registered it could even check if the server was an open relay, and not
> > allow those servers to be registered until properly configured. Any
> > thoughts?
> > 
> > Derek
> > 
> > > -----Original Message-----
> > > From: owner-nanog@merit.edu [mailto:owner-nanog@merit.edu] On Behalf
> > Of
> > > Mark Segal
> > > Sent: Wednesday, August 21, 2002 3:12 PM
> > > To: 'Robert Blayzor'; nanog@nanog.org
> > > Subject: RE: IETF SMTP Working Group Proposal at smtpng.org
> > > 
> > > 
> > > > It's almost to the point to where mail servers need their own
> > > > "registrar", sort of the way domains are tracked now, track
> > > > mail servers.  Give mail server admins the option to accept
> > > > mail from registered mail servers only or from any mail
> > > > server.  Of course there would need to be a ramp up period,
> > > > like six months to a year, to make sure all of your mail
> > > > servers are registered.  And of course one should only be
> > > > able to register mail servers if the IP space is actually
> > > > SWIP to them.  If the IP space is NOT SWIP, it would need to
> > > > be registered by the customer ISP or via owners rwhois
> > > > server.  Just my $.02; for what it's worth....
> > > 
> > > Really good idea (no sarcasm, I actually like it).. But what stops
> > > spammers
> > > from registering their mail server?..Ie..
> > > 	1) Get a dsl account
> > > 	2) Ips get swipped to you
> > > 	3) Register the server
> > > 	4) SPAM
> > > 	5) Apologize, get a second chance
> > > 	6) get booted off
> > > 	7) Call the next ISP with a zero install
> > > 	8) Rinse and repeat.
> > > 
> > > 
> > > Regards,
> > > Mark
> > > 
> > > --
> > > Mark Segal
> > > Director, Data Services
> > > Futureway Communications Inc.
> > > Tel: (905)326-1570
> > 
> -- 
> Larry Rosenman                     http://www.lerctr.org/~ler
> Phone: +1 972-414-9812                 E-Mail: ler@lerctr.org
> US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749

-- 
Jared Mauch  | pgp key available via finger from jared@puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.




Discussion Communities


About Merit | Services | Network | Resources & Support | Network Research
News | Events | Contact | Site Map | Merit Network Home


Merit Network, Inc.