[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: ISSUE: Possibility to use non-resolvable domain name as path-identity
Charles Lindsey wrote:
>> How's your example supposed to work, has foo.com no NS record ?
> I have never regarded the existence of (only) an NS record as
> meaning "resolvable in the DNS".
Okay, but nslookup foo.com would return "nothing", not NXDOMAIN,
a similar effect as for an "UUCP domain" with only an MX record.
>> An MX record probably won't help with !! (aka 'match').
> 'match' is not nececessarily done by IP addresses.
Yes, that's why I wrote "probably", you or Russ mentioned some
NNTP AUTH magic some days ago instead of a gethostbyname IP match.
> if a site has outgoing relayers "news1.site.example",
> "news2.site.example", etc, it still might use "site.example" as
> its <path-identity>, but in that case I would like to see at
> least an MX record for "site.example".
That's already covered by RFC 2142, abuse@xxxxxxxxxxxxxxx has to
work, they need either an MX or an address with an smtpd.
>> say that "a path-identity SHOULD be the fully qualified domain
>> name of the corresponding host (here news server)", and be done
>> with it. If it has no IP it has a good excuse to pick 'something'
>> else, and then 'something' with an MX might be the second best
>> choice, but maybe reality is weirder than we can imagine.
> Well, since that's almost exactly what I want it to say, can I
> take it that you 'second' the Issue?
As continuation of the #1093 saga, yes, it makes no sense to track
the in essence same issue twice.
>>> we have agreed that we do not intend either to supersede/obsolete/
>>> commend it.
>> TINW. I certainly don't agree.
> That seems to be the consensus, but feel free to raise an Issue.
#1093 already exists. Any "let the users try to guess a responsible
address, maybe with whois or by asking abuse@" approach, because it's
beyond admins to filter spam to a role account, that's IMHO arrogance,
unrelated to the C-word reserved for Chairs.