[55638] in North American Network Operators' Group
Re: Remote email access
daemon@ATHENA.MIT.EDU (Valdis.Kletnieks@vt.edu)
Wed Feb 5 08:33:09 2003
To: Michael.Dillon@radianz.com
Cc: nanog@merit.edu
In-Reply-To: Your message of "Wed, 05 Feb 2003 09:04:08 GMT."
<OFC230F6DA.FDCEE930-ON80256CC4.0030C965-80256CC4.0031D16A@radianz.com>
From: Valdis.Kletnieks@vt.edu
Date: Wed, 05 Feb 2003 08:30:46 -0500
Errors-To: owner-nanog-outgoing@merit.edu
--==_Exmh_1682693624P
Content-Type: text/plain; charset=us-ascii
On Wed, 05 Feb 2003 09:04:08 GMT, Michael.Dillon@radianz.com said:
> What would be the point? Well, if my MTA receives a connection on port 25
> I could look up the source IP address in the LDAP directory to identify
> the owner. Since an LDAP directory can contain arbitrary information
> related to its entries, perhaps I could find out whether or not that
> source IP is registered as an SMTP server and also retrive the abuse email
> address of the organization who has registered this address.
Somebody (Christian Huietma?) did a survey, and 30% of the sites don't even
have working PTR entries in the DNS. Why should you expect enough buy-in
on updating LDAP entries to make the query worth trying?
www.rfc-ignorant.org has a very large database of sites that can't even get
things like 'postmaster@' and 'abuse@' *email* addresses correct.
So you end up penalizing sites that don't have a clue, while the clued spammers
will do this:
% ldap add abuse_contact mailbox="abuse@whatever.foo"
% cat > ~abuse/.forward
/dev/null
^D
What have you won?
--
Valdis Kletnieks
Computer Systems Senior Engineer
Virginia Tech
--==_Exmh_1682693624P
Content-Type: application/pgp-signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001
iD8DBQE+QRIFcC3lWbTT17ARArtUAJ9rDq49wFeWNLU2Ya5jHytnEMQRNwCfcySE
etgKTLKCoQGKYFxdfnn4yf4=
=jh7o
-----END PGP SIGNATURE-----
--==_Exmh_1682693624P--
