Remote email access
Michael.Dillon at radianz.com
Wed Feb 5 09:04:08 UTC 2003
> Hence there is no space-efficient way of noting an authority
> chain, other than entering every single IP address ever assigned, all in
> one big data base.
> Alas, that ain't feasible.

I beg to differ. Essentially, the collective databases of the address
registries are the data base that you describe. But...

> At a minimum, it is essentially impossible to
> keep such a database up to date.

You may be right. The ARIN, RIPE and APNIC databases are filled with junk,
lies, and inaccuracies. On the face of it this seems to prove that it is
impossible to keep the data up to date. However, since there has never
been any significant effort to ensure that the databases are accurate and
up to date, this could change.

If ARIN, RIPE and APNIC were to find some financial and political support,
then I believe that they could provide a global authoritative database of
all IP address ownership that was reasonably accurate and up to date. If
this could be queried by a standard protocol such as LDAPv3 (Referral
LDAP) then the distributed database could be queried in much the same way
as the distributed DNS is.

What would be the point? Well, if my MTA receives a connection on port 25
I could look up the source IP address in the LDAP directory to identify
the owner. Since an LDAP directory can contain arbitrary information
related to its entries, perhaps I could find out whether or not that
source IP is registered as an SMTP server and also retrieve the abuse email
address of the organization who has registered this address.
--Michael Dillon
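
Added example, not part of the original message: a sketch of the lookup the message proposes, with an MTA resolving a connecting source IP through a referral-following directory to its owner, SMTP registration and abuse contact. The directory is simulated in memory rather than queried over LDAPv3, and every server name, attribute name and record is constructed for illustration; addresses come from the documentation ranges.

```python
import ipaddress

# Constructed data. Each "server" maps a prefix to a final entry or to a
# referral naming another server. Names and attributes are hypothetical.
DIRECTORY = {
    "root": {
        "192.0.2.0/24": {"referral": "registry-a"},
        "198.51.100.0/24": {"referral": "registry-b"},
    },
    "registry-a": {
        "192.0.2.0/25": {"owner": "Example Net", "abuse": "abuse@example.net",
                         "smtp_hosts": ["192.0.2.10"]},
        "192.0.2.128/25": {"referral": "isp-c"},
    },
    "isp-c": {
        "192.0.2.128/26": {"owner": "Example Org", "abuse": "abuse@example.org",
                           "smtp_hosts": []},
    },
    # Stale record that refers back to the root: a referral loop.
    "registry-b": {"198.51.100.0/24": {"referral": "root"}},
}

def lookup(ip, server="root", max_referrals=8):
    """Follow referrals, taking the longest matching prefix at each server."""
    addr = ipaddress.ip_address(ip)
    for _ in range(max_referrals):
        matches = [(ipaddress.ip_network(p), e)
                   for p, e in DIRECTORY.get(server, {}).items()
                   if addr in ipaddress.ip_network(p)]
        if not matches:
            return None                      # no registration on record
        net, entry = max(matches, key=lambda m: m[0].prefixlen)
        if "referral" not in entry:
            return dict(entry, prefix=str(net))
        server = entry["referral"]
    return None                              # loop or over-long chain

def smtp_policy(ip):
    """Return (status, abuse_contact) for a connecting source address."""
    entry = lookup(ip)
    if entry is None:
        return ("unknown", None)
    registered = str(ipaddress.ip_address(ip)) in entry["smtp_hosts"]
    return ("registered-smtp" if registered else "not-registered-smtp",
            entry["abuse"])
```

The "unknown" result covers unregistered space, gaps inside a delegated block and broken referral chains alike, so a receiving MTA has to decide separately how to treat missing data as opposed to a negative answer.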