nanog mailing list archives

Re: Selection of Appropriate Local SMTP Relay


From: Joe Abley <jabley () patho gen nz>
Date: Tue, 11 Jan 2000 13:53:22 +1300


On Mon, Jan 10, 2000 at 07:36:15PM -0500, Daniel Senie wrote:
It's quite possible to specify a different mail relay for every individual
address in an ISP's network. I might be using octet boundaries so that
I can follow the same well-known in-addr.arpa zone structure as is
currently used, but that's all.

By using octet boundaries, you're making an inference that the IP
addresses are being used in a classful fashion. It's doubtful this will
be the case in today's network.

I don't buy your logic. By that reasoning, PTR records are not supported
on today's network either, since they also work on octet boundaries.

As others point out, the IP address given out for a particular dialup
will NOT be representative of the ISP.

Without a way of authenticating a user SMTP session, client IP address
is the _usual_ method of deciding how much relaying an SMTP server should
do for a client.

Your point about port wholesaling is perfectly valid, at least in the
circumstances when the port retailer is not able to hand out addresses
from her own blocks (as is possible with many port wholesalers).

It's unlikely that any single approach will win all the time. My
proposal was mainly intended as a quick win -- very quick and easy
to implement on the ISP side (for ISPs where it is applicable), and
relatively straightforward on the mail client side. It's certainly
not the be-all and end-all of relay authentication solutions.

You didn't comment on my other suggestion, that of doing MX on the
assigned name servers. This has all of the advantages you want, without
the problems associated with trying to determine which ISP is in use
based on IP address.

Aah, sorry, I didn't spot that. It also has the disadvantage that many
roamers seem to have hard-coded nameservers in their laptop stacks,
which frequently continue to function (although a little bit more slowly!)
while they're roaming round the world. As I think I mentioned, from my
experience not many operators nail down recursive lookups through their
nameservers, which means you don't need to be local to use them.

I presume you were still talking about using MX records in the in-addr.arpa
zones, since MX records in the forward zones have other (obvious)
application?

Now I'm not convinced the MX on DNS server approach
is a good solution, but it's probably better than doing MX on the IP
address assigned.


Joe


