nanog mailing list archives
Re: BCP38 thread 93,871,738,435 + SPF
From: Florian Weimer <fw () deneb enyo de>
Date: Fri, 27 Oct 2006 14:11:30 +0200
* Douglas Otis:
Spam being sent through Bot farms has already set the stage for untraceable DNS attacks based upon SPF. In addition to taking out major interconnects, these attacks can: a) inundate authoritative DNS; b) requests A records from anywhere; c) probe IP address, port, and the transaction IDs of resolvers;
(b) and (c) are not new developments because lots of MTAs already perform A lookups on HELO arguments, and MX lookups on sender domains.
While not as bad as eavesdropping, it still places the network and the integrity of DNS at risk. All of this while the spam is still being delivered. What a productivity tool!
The purpose of SPF, as it is deployed, is to facilitate routing solicited bulk email around spam filters. Look at email.bn.com/IN/TXT to get the idea. This application requires some of the indirection features offered by SPF.
Current thread:
- Re: BCP38 thread 93,871,738,435 + SPF, (continued)
- Re: BCP38 thread 93,871,738,435 + SPF Chris L. Morrow (Oct 27)
- Re: BCP38 thread 93,871,738,435 + SPF Michael . Dillon (Oct 27)
- Re: BCP38 thread 93,871,738,435 + SPF Chris L. Morrow (Oct 27)
- Re: BCP38 thread 93,871,738,435 + SPF Douglas Otis (Oct 27)
- Re: BCP38 thread 93,871,738,435 + SPF Gadi Evron (Oct 27)
- Re: BCP38 thread 93,871,738,435 + SPF Douglas Otis (Oct 29)
- Re: BCP38 thread 93,871,738,435 + SPF Gadi Evron (Oct 29)
- Re: BCP38 thread 93,871,738,435 + SPF Douglas Otis (Oct 29)
- Re: BCP38 thread 93,871,738,435 + SPF Gadi Evron (Oct 29)
- Re: BCP38 thread 93,871,738,435 + SPF Randy Bush (Oct 27)
- Re: BCP38 thread 93,871,738,435 + SPF Florian Weimer (Oct 27)
- Re: BCP38 thread 93,871,738,435 + SPF Douglas Otis (Oct 27)
- Re: BCP38 thread 93,871,738,435 (was Re: register.com down sev0?) Patrick W. Gilmore (Oct 26)
- Re: BCP38 thread 93,871,738,435 (was Re: register.com down sev0?) Don (Oct 26)
- Re: BCP38 thread 93,871,738,435 (was Re: register.com down sev0?) william(at)elan.net (Oct 26)
- Re: BCP38 thread 93,871,738,435 (was Re: register.com down sev0?) Michael Painter (Oct 26)
- Re: BCP38 thread 93,871,738,435 (was Re: register.com down sev0?) Mikael Abrahamsson (Oct 26)
- Re: BCP38 thread 93,871,738,435 (was Re: register.com down sev0?) Chris L. Morrow (Oct 26)