<<< Chronological >>> Author Index    Subject Index <<< Threads >>>

Re: [anti-spam-wg@localhost] Spamhaus & ".mail" TLD

  • From: furio ercolessi < >
  • Date: Sat, 27 Mar 2004 15:21:33 +0100

On Fri, Mar 26, 2004 at 05:42:28PM +0000, Jon Lawrence wrote:
> On Friday 26 March 2004 17:21, Antoine Delvaux wrote:
> > What are the comments of the list on the Spamhaus initiative ?
> >
> > http://www.spamhaus.org/tld/index.html
> >
> Interesting idea. But I don't get how it will work in practise. Spammers will 
> simply forge the domain name and spoof the IP address - as they do at present 
> - and the email will still go through. 

.mail is not intended to be used as a sender domain (MAIL FROM).
For the intended usage (IP validation) the only way to forge it
would be DNS poisoning - that is, inject a fake DNS record in the
resolver used by the victim's mailserver.  Not easy.

IP addresses can not be spoofed; the IP address connecting to the
victim's mailserver - as reported by the Received: line produced
by that mailserver - is always correct.  That is the IP address
subjected to the .mail validation procedure.

furio ercolessi




  • Post To The List:
<<< Chronological >>> Author    Subject <<< Threads >>>