On Wed, 10 Mar 2004, Glenn Little wrote:
> I think the performance hit and reliance on an external
> connection for every email processed was at least an
> equal concern.
>
> In practice is that just not a problem? How about
> a network timeout situation? How does that end up
> working out? Sounds like you (Christopher) at least
> have a fairly high mail volume.
>
> -glenn
Glenn,
Are you responsible for the mail @cs.ucsd.edu ?
Then you -DO- use a DNSBL for every message, and I've got the
transcript to prove it:
server15$ telnet fast.ucsd.edu smtp
Trying...
Connected to fast.ucsd.edu.
Escape character is '^]'.
220 fast.ucsd.edu ESMTP
helo server15.icaen.uiowa.edu
250 fast.ucsd.edu Hello server15.icaen.uiowa.edu [128.255.17.10], pleased to
meet you
mail from: <[EMAIL PROTECTED]>
553 5.1.8 <[EMAIL PROTECTED]>... Domain of sender address [EMAIL PROTECTED]
does not exist
You do a DNS resolvability check on each message that somebody tries to
hand you, which is dependent upon an arbitratry remote DNS server.
Based upon the results of that DNS lookup, you do reject mail.
Thus I could argue that you do use DNSBL lists.
Now I do that -and- I do a DNS lookup on rbl-plus.mail-abuse.org.
As we have a paid subscription to MAPS, with zone-xfer rights,
that second lookup is often faster and easier than the first is.
If performance is truely a concern, just secondary the zones that
you want to use.
So it boils down to an issue of trust. Who do you trust to tell you
whether you should accept any particular message?
Some arbitrary remote DNS server who claims authority for the
senders domain? (DNS spoofing issues considered)?
A 3rd party who has done some work to collect information about
some particular desirability criteria of a particular sending host?
(EG open-relay, dial-up/dynamic IP, open proxy, ...).
Do the due diligence, it can pay off in the end.
(hmm is this some kind of stock add ;)
Dave
--
Dave Funk University of Iowa
<dbfunk (at) engineering.uiowa.edu> College of Engineering
319/335-5751 FAX: 319/384-0549 1256 Seamans Center
Sys_admin/Postmaster/cell_admin Iowa City, IA 52242-1527
#include <std_disclaimer.h>
Better is not better, 'standard' is better. B{
