dar...@chaosreigns.com wrote:
On 02/14, dar...@chaosreigns.com wrote:
Now should I use _mtx, or MTAMark style _smtp._srv?
DNS records containing underscores are apparently a pain. In my Bind
config I had to add check-names ignore;. My secondary DNS provider
is responding with REFUSED (I
On 02/13, Matus UHLAR - fantomas wrote:
So the only effect of MTX should be confirmation that a machine may send
mail?
On 13.02.10 14:40, dar...@chaosreigns.com wrote:
Yes.
In such case you should not compare MTX with SPF and or DKIM, instead
you should clearly state that MTX is designed
On 02/14, dar...@chaosreigns.com wrote:
Now should I use _mtx, or MTAMark style _smtp._srv?
dar...@chaosreigns.com wrote:
DNS records containing underscores are apparently a pain. In my Bind
config I had to add check-names ignore;. My secondary DNS provider
is responding with REFUSED
On 2010-02-14 19:20, dar...@chaosreigns.com wrote:
On 02/14, Jonas Eckerman wrote:
The SPF record above says that a host using panic.chaosreigns.com
in HELO should not be allowed to send mail unless it has the IP
address 64.71.152.40, regardless of the domain in the envelope
from, From:
Matus UHLAR - fantomas wrote:
On 02/14, dar...@chaosreigns.com wrote:
Now should I use _mtx, or MTAMark style _smtp._srv?
dar...@chaosreigns.com wrote:
DNS records containing underscores are apparently a pain. In my
Bind
config I had to add check-names ignore;. My secondary DNS
On 2010-02-14 19:20, dar...@chaosreigns.com wrote:
On 02/14, Jonas Eckerman wrote:
* I think there should be a way to tell the world wether you are using
the scheme for a domain (not host) or not. This could easily be done in
DNS.
I need to think about this more, thanks for the
On 2010-02-14 19:20, dar...@chaosreigns.com wrote:
Possibly a lack of separate SPF records for HELO and MAIL FROM if
they are the same.
On 15.02.10 13:58, Jonas Eckerman wrote:
Agreed. I think they should have separated those records.
I don't see any reason. Why should we allow someone to
On 02/15, Per Jessen wrote:
Change provider. There is absolutely nothing wrong with having an
underscore in DNS records. They're used for several things - _sip and
_domainkey for instance. Also see RFC2181.
RFC 2181 section 11 does seem to agree.
However, I still haven't found evidence of
I'm about to post about MTX to the Anti-Spam Research Group's discussion
mailing list: http://asrg.sp.am/about/lists.shtml This appears to be
the best next step toward RFC.
MTX HELO - need to comment on this
On 02/15, Jonas Eckerman wrote:
* Or, make a MTX checker traverse domain from the one
dar...@chaosreigns.com wrote:
On 02/15, Per Jessen wrote:
I checked my bind setup too, and I have the default for check-names -
no
complaints. It is however, perhaps, worth noting that my _sip and
_domainkey names are for SRV records, not A records.
Yup, no problems with SRV records -
On 02/15, Per Jessen wrote:
Hmm, there does seem to be some minor issue with the underscore in A
records, but I still think it would be the most appropriate way to go.
Technically I agree. However, practically, I think it might be important
to go without underscores purely due to
On 2010-02-13 04:24, dar...@chaosreigns.com wrote:
panic.chaosreigns.com. IN SPF v=spf1 a:64.71.152.40 -all
No. MTX defines 64.71.152.40 as a legitimate transmitting mail server,
regardless of the domain in the envelope from, From: header, etc..
Popular misconception, it seems.
The SPF
On 2010-02-13 04:24, dar...@chaosreigns.com wrote:
Still http://www.chaosreigns.com/mtx/
I still have the following comments (wich you didn't answer previously):
* I think there should be a way to tell the world wether you are using
the scheme for a domain (not host) or not. This could
On 2010-02-13 21:48, dar...@chaosreigns.com wrote:
Looks like it ties the helo domain to the delivering IP, breaking (broken)
forwarding just like SPF?
Tying the HELO domain to an IP has does not break forwarding. The host
name (including domain) used in HELO is independent from the domain
Jonas Eckerman wrote:
(And of course, if this catches on, you'll have to provide RFC style
documentation.)
See Justins posting from two days back:
http://tools.ietf.org/draft/draft-stumpf-dns-mtamark/
http://tools.ietf.org/draft/draft-stumpf-dns-mtamark/draft-stumpf-dns-mtamark-04.txt
That
- Per Jessen p...@computer.org wrote:
Jonas Eckerman wrote:
(And of course, if this catches on, you'll have to provide RFC
style
documentation.)
See Justins posting from two days back:
http://tools.ietf.org/draft/draft-stumpf-dns-mtamark/
On 02/14, Jonas Eckerman wrote:
The SPF record above says that a host using panic.chaosreigns.com in
HELO should not be allowed to send mail unless it has the IP address
64.71.152.40, regardless of the domain in the envelope from, From:
header, etc..
That's not exactly the same as your
On 02/14, Jonas Eckerman wrote:
* I think you should follow conventions in DNS naming, using an
underscore to signify that the DNS record is a special type of record.
This is quite common.
I didn't like this idea, but I have realized it's the right thing to do.
Now should I use _mtx, or
On 02/14, dar...@chaosreigns.com wrote:
Now should I use _mtx, or MTAMark style _smtp._srv?
DNS records containing underscores are apparently a pain. In my Bind
config I had to add check-names ignore;. My secondary DNS provider is
responding with REFUSED (I asked them to fix it).
Is it worth
On 02/11, Matus UHLAR - fantomas wrote:
So you define the IP 64.71.152.40 as OK when sending mail from
@panic.chaosreigns.com. address.
so it's the exactly same as
panic.chaosreigns.com. IN SPF v=spf1 a:64.71.152.40 -all
On 12.02.10 22:24, dar...@chaosreigns.com wrote:
No. MTX
On 02/13, Matus UHLAR - fantomas wrote:
So the only effect of MTX should be confirmation that a machine may send
mail?
Yes.
So why the complicated check for DNS record combining DNS name and IP?
Why not simply requesting that machine has a mail or smtp in its DNS
name?
I answered that
dar...@chaosreigns.com a écrit :
On 02/13, Matus UHLAR - fantomas wrote:
So the only effect of MTX should be confirmation that a machine may send
mail?
Yes.
So why the complicated check for DNS record combining DNS name and IP?
Why not simply requesting that machine has a mail or smtp
On 02/13, mouss wrote:
dar...@chaosreigns.com a écrit :
did you take a look at CSA
http://mipassoc.org/csv/draft-ietf-marid-csv-csa-02.txt
I had not, thanks.
Looks like it ties the helo domain to the delivering IP, breaking (broken)
forwarding just like SPF?
Anyway, such approaches
* Implemented blacklisting.
* Clarified current recommendations and added content to the page.
* Removed redirect for Microsoft Internet Explorer users and converted
the page to HTML 4.01 Strict.
Still http://www.chaosreigns.com/mtx/
I think the only thing left to do is to switch from send()
24 matches
Mail list logo
