Email peering
Dave Crocker
dhc2 at dcrocker.net
Sat Jun 18 15:23:08 UTC 2005
Folks,
> DNSWL -- this is already being done. It is not widely viewed as being in
> any way similar to a peering concept. What would be more similar would
> be a consortium of large providers providing such a whitelist. That
> would be something I would welcome.
To repeat what John Levine said, and that I suggested in my posting "Informal
email peering" please take a look at CSV <http://mipassoc.org/csv> as a
candidate mechanism for determining the operations-related identity to assess,
and for a means of querying a third party to obtain an assessment.
CSV is simple, uses efficient DNS records, and mostly importantly uses
operations identities rather than content origination identities.
Several schemes that have some popularity use a path registration approach (SPF,
Sender-ID) which ties an origination identifier (rfc2822.From, rfc2822.Sender,
or rfc2821.MailFrom) to the MTAs along the transmission path.
For you ops folks, think of this as requiring pre-registration of all source
routes to all recipients. For you architecture freaks, think of it as a really
spiffy layer violation.
By contrast, CSV uses identities that are directly tied to the MTA that
is being assessed.
Once you have a validated identity, you need a scalable means of
assessing it. The combinatorial explosion with email makes pair-wise
agreements unscalable. Hence, some form of third-party assessment
schemes is needed.
And that is what motivated the idea for <http://mipassoc.org>. Develop
a common set of best practises, and have organization commit to
supporting them.
d/
---
Dave Crocker
Brandenburg InternetWorking
+1.408.246.8253
dcrocker a t ...
WE'VE MOVED to: www.bbiw.net
More information about the NANOG
mailing list