[26612] in North American Network Operators' Group


Re: Selection of Appropriate Local SMTP Relay

daemon@ATHENA.MIT.EDU (Sean Donelan)
Mon Jan 10 09:40:24 2000

Date: 10 Jan 2000 06:39:04 -0800
Message-ID: <20000110143904.25675.cpmta@c004.sfo.cp.net>
Content-Type: text/plain
Content-Disposition: inline
Mime-Version: 1.0
To: nanog@merit.edu
From: Sean Donelan <sean@donelan.com>
Errors-To: owner-nanog-outgoing@merit.edu


On Mon, 10 January 2000, John R. Levine wrote:
> That's much too complicated.  What we need are some well-known IP
> addresses, analogous to well-known ports, that are not routable on the
> global Internet, but that are assigned to standard services within
> each network, e.g.:

Doesn't work well with "shared" infrastructure networks.  For example
if I dial in on an "XYZ" account I might connect via a UUNET, Level 3,
Sprint, PSINET, or "XYZ" access port.  How would UUNET know to route
10.1.1.1 to the "XYZ" SMTP relay for an "XYZ" user, but 10.1.1.1 to
a different provider when their customer used the shared access port?

Do you load a NAT translation table for each dialup user?  But it doesn't
address the security issue: in a distributed authentication environment, how
can I obtain positive identification for each session with my mail server?
Currently there are delays, and it's possible for a spammer to use the time
window to piggyback on the authentication done by the previous user of the
same access port.

When you have positive identification of the user to the mail handling
systems, the need for a lot of kludgery disappears.
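
The time window described in the message above, modelled as an added example (not part of the original post): a relay that trusts a source address for a fixed period after a login notice, next to one that checks a credential inside each session. The class names, the 600-second window, the address and the account are constructed assumptions.

```python
import hmac
from dataclasses import dataclass, field

@dataclass
class IpWindowRelay:
    """Relay that trusts a source IP for `window` seconds after a login notice."""
    window: int
    trusted: dict = field(default_factory=dict)  # ip -> (account, expiry time)

    def login_notice(self, ip, account, now):
        self.trusted[ip] = (account, now + self.window)

    def relay_as(self, ip, now):
        """Return the account this session is attributed to, or None."""
        account, expiry = self.trusted.get(ip, (None, 0))
        return account if now < expiry else None

@dataclass
class SessionAuthRelay:
    """Relay that identifies each session by a credential presented in it."""
    secrets: dict  # account -> shared secret

    def relay_as(self, account, secret):
        expected = self.secrets.get(account)
        if expected is not None and hmac.compare_digest(expected, secret):
            return account
        return None

def simulate():
    ip = "10.0.0.7"  # constructed address handed out by a shared access port
    by_ip = IpWindowRelay(window=600)
    by_ip.login_notice(ip, "alice@xyz.example", now=0)
    # t=60: alice hangs up; t=90: the port gives the same address to another
    # caller. No notice of either event has reached the relay yet.
    stale = by_ip.relay_as(ip, now=100)    # still attributed to alice
    expired = by_ip.relay_as(ip, now=700)  # window has finally closed

    by_session = SessionAuthRelay({"alice@xyz.example": b"constructed-secret"})
    owner = by_session.relay_as("alice@xyz.example", b"constructed-secret")
    stranger = by_session.relay_as("alice@xyz.example", b"wrong-guess")
    return stale, expired, owner, stranger

if __name__ == "__main__":
    print(simulate())
```

The first result shows the address-keyed relay still attributing traffic to the earlier account after the port has been reassigned; the per-session check does not depend on which access port or address the session arrives from.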



