On Jun 25, 2009, at 10:40 AM, J.D. Falk wrote:
> Danny Angus wrote:
>> I tried some time ago to articulate some tests which any proposal ought to at least acknowledge, which you can find here:
>> http://www.killerbees.co.uk/draft-irtf-asrg-criteria-00.html
>> You may find them helpful.
>
> Nicely done; I think this could be the start of a very useful document. Any interest in starting up work on it again?
>
> First steps could be:
> - update terminology to match draft-crocker-email-arch
> - include some examples taken from other RFCs, both successful and non-
This draft overlooked an important area. It assumes a viable and scalable means to identify initial senders when confronting massive levels of abuse. Simply put, without a two-tier approach to abuse that begins by identifying outbound MTAs, email will not remain viable. This paper overlooks that need.
- Include a means for efficient and efficacious host name identification and domain level authorization of systems granting access for outbound public (non-authenticated port 25) SMTP messages.
Even reverse DNS queries often impose too great a burden on resources due to bot-net related abuse. :^(
Reducing the number of systems that need vetting is best done by identifying the outbound MTA explicitly signified as providing this service within the forward-facing name space. A means to explicitly facilitate this function becomes more necessary with increased inclusion of IPv6 and further growth of bot-nets. Once outbound MTAs provide stable and specific identifications within the domain name space, the immediate vetting this allows provides a much-needed reduction in the resource burdens imposed upon SMTP by abuse. These schemes should not cause undue burden on DNS either.
-Doug