IETF SMTP Working Group Proposal at smtpng.org

Jared Mauch jared at puck.Nether.net
Wed Aug 21 19:55:41 UTC 2002


	If there were some sort of smtp callback pki, as long as
you controlled your dns and server you could do something useful
on that front.

	here's an example i gave last night in a private
e-mail:

-- snip --
        There is an important need to perform callback but allow for
the ability to protect information from possible spammers for
harvesting/verification.

        eg:

        220 welcome, but no spam
        ehlo spammer
        250-callback-secure
        250 help
        mail from:<spammer at hotmail.com> callback=spammer.example.com
        250 ok
        rcpt to:<jared at nether.net>
        451 try again, pending callback

        vs:

        220 welcome, but no spam
        ehlo spammer
        250-callback-secure
        250 help
        mail from:<spammer at hotmail.com> callback=spammer.example.com
        250 ok
        rcpt to:<nouser at nether.net>
        550 no such user here

        there's also the need to do some sort of pki to allow
callback to be secure.  eg: the dns record for nether.net should have
some public-key in it and then some other stuff like possibly

mail from:<realuser at hotmail.com> callback=validate.hotmail.com;key=<alkjsdfj>   
then pass the 'key' through the public-key available via dns to
provide back an authentication system to allow for more secure
callback.

        but this can still be abused depending...

        just some thoughts,
-- snip --

	- jared

On Wed, Aug 21, 2002 at 02:38:31PM -0500, Larry Rosenman wrote:
> 
> What about individuals that run their own mail servers?  (E.G. me).? 
> 
> 
> 
> On Wed, 2002-08-21 at 14:28, Derek Samford wrote:
> > 
> > I really like this. A sort of IRR for mail servers. Maybe when
> > registered it could even check if the server was an open relay, and not
> > allow those servers to be registered until properly configured. Any
> > thoughts?
> > 
> > Derek
> > 
> > > -----Original Message-----
> > > From: owner-nanog at merit.edu [mailto:owner-nanog at merit.edu] On Behalf
> > Of
> > > Mark Segal
> > > Sent: Wednesday, August 21, 2002 3:12 PM
> > > To: 'Robert Blayzor'; nanog at nanog.org
> > > Subject: RE: IETF SMTP Working Group Proposal at smtpng.org
> > > 
> > > 
> > > > It's almost to the point to where mail servers need their own
> > > > "registrar", sort of the way domains are tracked now, track
> > > > mail servers.  Give mail server admins the option to accept
> > > > mail from registered mail servers only or from any mail
> > > > server.  Of course there would need to be a ramp up period,
> > > > like six months to a year, to make sure all of your mail
> > > > servers are registered.  And of course one should only be
> > > > able to register mail servers if the IP space is actually
> > > > SWIP to them.  If the IP space is NOT SWIP, it would need to
> > > > be registered by the customer ISP or via owners rwhois
> > > > server.  Just my $.02; for what it's worth....
> > > 
> > > Really good idea (no sarcasm, I actually like it).. But what stops
> > > spammers
> > > from registering their mail server?..Ie..
> > > 	1) Get a dsl account
> > > 	2) Ips get swipped to you
> > > 	3) Register the server
> > > 	4) SPAM
> > > 	5) Apologize, get a second chance
> > > 	6) get booted off
> > > 	7) Call the next ISP with a zero install
> > > 	8) Rinse and repeat.
> > > 
> > > 
> > > Regards,
> > > Mark
> > > 
> > > --
> > > Mark Segal
> > > Director, Data Services
> > > Futureway Communications Inc.
> > > Tel: (905)326-1570
> > 
> -- 
> Larry Rosenman                     http://www.lerctr.org/~ler
> Phone: +1 972-414-9812                 E-Mail: ler at lerctr.org
> US Mail: 1905 Steamboat Springs Drive, Garland, TX 75044-6749

-- 
Jared Mauch  | pgp key available via finger from jared at puck.nether.net
clue++;      | http://puck.nether.net/~jared/  My statements are only mine.


