[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?

To: <asrg@ietf.org>
Subject: Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?
From: "Hector Santos" <winserver.support@winserver.com>
Date: Tue, 16 Dec 2003 14:03:28 -0500
List-archive: <https://www1.ietf.org/mail-archive/working-groups/asrg/>
List-help: <mailto:asrg-request@ietf.org?subject=help>
List-id: Anti-Spam Research Group - IRTF <asrg.ietf.org>
List-post: <mailto:asrg@ietf.org>
List-subscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=subscribe>
List-unsubscribe: <https://www1.ietf.org/mailman/listinfo/asrg>,<mailto:asrg-request@ietf.org?subject=unsubscribe>
Organization: Santronics Software, Inc
References: <20031216184532.DC62916E0B@mail.nitros9.org>
Sender: asrg-admin@ietf.org

Hi Alan,

Thanks Alan, I'll trying to keep up.  Maybe you can help summarize it here:

Who has LMAP deployed currently to evaluate its effectiveness?

What is the recommended refusal methods for a LMAP rejection?


Does LMAP offer a fallback?

Does LMAP rejection pre-empt an ESMTP AUTH?

Does LMAP even allow for ESMTP AUTH to be reached?

You have to just put yourself in the position of the engineer that will be
programming this and passing it on to customers.    Right now ESMTP AUTH
trumps all restrictions or issues that deal with SPAM or dynamic IP or
whatever.   Where and how LMAP would fit in with everything else is what I
am trying to see.   Unless I am seeing it wrong, I agree with Phillip,  the
domain check itself is insufficient.

-- Hector





----- Original Message ----- 
From: "Alan DeKok" <aland@ox.org>
To: <asrg@ietf.org>
Sent: Tuesday, December 16, 2003 1:45 PM
Subject: Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?


> "Hector Santos" <winserver.support@winserver.com> wrote:
> > Does LMAP address IP ranges?
>
>   Yes.  See the various drafts for different syntactic ways of
> implementing this.
>
> > Are we ready to say that dynamic IP senders are no longer allowed?
>
>   That's up to the domain they claim to be associated with.  The
> recipient MTA doesn't know, or care, that the user has a dynamic IP.
>
> > The way I see it from an implementation standpoint, LMAP can only be
used
> > for a "accept" logic.  It can't be used to reject for lack of a LMAP
based
> > information.
>
>   That's pretty much what the document says.
>
> >         LMAP  AUTH
> >          0               0         Low trust
> >          1               0         X trust
> >           0              1         Y trust
> >           1               1        Z trust
> >
> > Z is great,  Y is still better than X.   With just X,  we are still
> > scratching our heads which is the point you are making I believe.   What
I
> > am saying, you don't need X if you have Y
>
>   I don't see why.
>
>   SMTP AUTH is a user to sending MTA authentication protocol.  LMAP is
> an domain to MTA authorization protocol.  I don't see why using one
> would negate the need for the other.
>
>   Alan DeKok.
>
> _______________________________________________
> Asrg mailing list
> Asrg@ietf.org
> https://www1.ietf.org/mailman/listinfo/asrg
>



_______________________________________________
Asrg mailing list
Asrg@ietf.org
https://www1.ietf.org/mailman/listinfo/asrg

Follow-Ups:
- Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?
  - From: Alan DeKok

References:
- Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?
  - From: Alan DeKok

Prev by Date: Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?
Next by Date: [Asrg] [1] Why SPAM is worse in SMTP than in other protocols
Previous by thread: Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?
Next by thread: Re: [Asrg] 6. Proposals: MTA MARK vs port 25 filtering?
Index(es):
- Date
- Thread