The End-To-End Internet (was Re: Blocking MX query)

Daniel Taylor dtaylor at
Wed Sep 5 20:09:38 UTC 2012

On 09/05/2012 03:01 PM, Michael Thomas wrote:
> On 09/05/2012 12:50 PM, Daniel Taylor wrote:
>> On 09/05/2012 10:19 AM, Michael Thomas wrote:
>>> On 09/05/2012 05:56 AM, Daniel Taylor wrote:
>>>> On 09/04/2012 03:52 PM, Michael Thomas wrote:
>>>>> On 09/04/2012 09:34 AM, Daniel Taylor wrote:
>>>>>> If you are sending direct SMTP on behalf of your domain from 
>>>>>> essentially random locations, how are we supposed to pick you out 
>>>>>> from spammers that do the same?
>>>>> Use DKIM.
>>>> You say that like it's a lower bar than setting up a fixed SMTP 
>>>> server and using that.
>>> I say it like it addresses your concern.
>> Well, if you've got proper forward and reverse DNS, and your portable 
>> SMTP server identifies itself properly, and you are using networks 
>> that don't filter outbound port 25, AND you have DKIM configured 
>> correctly and aren't using it for a situation for which it is 
>> inappropriate, then you'll get the same results with a portable SMTP 
>> server that you would sending through a properly configured static 
>> server.
>> So, no, "use DKIM" does not address the delivery difficulties 
>> inherent to using a portable SMTP server.
> My how the goalposts are moving. DKIM solves the problem of producing
> a stable identifier for a mail stream which is what your originally 
> positioned
> goalposts was asking for. It also makes reverse dns lookups even more
> useless than they already are.
"Use your MX or SPF senders as your outbound mail agent, especially if 
they are properly configured with full DNS records so we can tell they 
are the correct machines to be sending on your behalf, or expect that 
you will get more mail bounced and lost  than the average user because 
you are being unpredictable and unverifiable."

That you so conveniently trimmed from the post that you replied to.

Just putting the goalposts back where I left them.

Proper DNS configuration is essential to reliable SMTP delivery. SPF and 
DKIM can help ensure you don't get mistakenly tagged as a spammer, but 
they are no substitute for proper technical configuration of your mail 
server, and you don't get proper configuration if you are using other 
people's networks.

Daniel Taylor             VP Operations       Vocal Laboratories, Inc
dtaylor at                                 952-941-6580x203

More information about the NANOG mailing list