On Aug 14, 2007, at 9:29 AM, Al Iverson wrote:
On 8/14/07, Tim Franklin <[EMAIL PROTECTED]> wrote:
On Tue, August 14, 2007 1:48 am, Douglas Otis wrote:
For domains to play any role in securing email, a published MX
record should become a necessary acceptance requirement. Using
MX records also consolidates policy locales which mitigates some
DDoS concerns.
What if there's no intention to use the domain for email?
I've become annoyed enough in the other direction, owning domains
*only* used for email and dealing with irate people insisting I'm
domain-squatting and must sell them the domain cheaply right now
because there's no A record for www.what.ever.
I'm annoyed enough in the original direction. I, like many
thousands of people, have some domains that I don't use for email,
so they don't have an MX record. How do you enforce this new
requirement? Who chases it down? How does it stop domain tasting?
If this is ultimately to stop domain tasting abuse, why not instead
stop domain tasting? It seems like this simply add rules that
somebody has to figure out to who enforce, and I'm not exactly
inspired to think that it'll be enforced regularly or properly.
All registrations MUST incur a nominal charge applied uniformly.
Remove the option permitting domain registration at little or no
cost. End of problem.
This seems like creating a requirement that people must implement
mosquito nets to solve the mosquito problem, instead of focusing on
removing the mosquitos.
This comment was added as a follow-on note. Sorry for not being clear.
Accepting messages from a domain lacking MX records might be risky
due to the high rate of domain turnovers. Within a few weeks, more
than the number of existing domains will have been added and deleted
by then. Spammers take advantage of this flux. Unfortunately SMTP
server discovery via A records is permitted and should be
deprecated. Once MX records are adopted as an _acceptance_
requisite, domains not intended to receive or send email would be
clearly denoted by the absence of MX records. SMTP policy published
adjacent to MX records also eliminates a need for email policy
"discovery" as well. Another looming problem.
Don't accept a message from a domain without MX records. When there
is no policy record adjacent to the MX record, there is no policy,
and don't go looking.
-Doug