On 2010-02-13 04:24, dar...@chaosreigns.com wrote:

Still http://www.chaosreigns.com/mtx/

I still have the following comments (which you didn't answer previously):

* I think there should be a way to tell the world whether you are using the scheme for a domain (not host) or not. This could easily be done in DNS.

* I think you should follow conventions in DNS naming, using an underscore to signify that the DNS record is a "special" type of record. This is quite common.


You could use SpamAssassin's registrar boundaries stuff for getting the domain in a SA plugin, and score higher for a missing MTX host record if there is an MTX domain record.


An example (off the top of my head) could be:

To say that "marmaduke.frukt.org" [195.67.112.219] is allowed to send mail:
219.112.67.195._mtx.marmaduke.frukt.org. IN A 127.0.0.1

To say that we're using your scheme for all hosts under "frukt.org":
_mtx.frukt.org. IN A 127.0.0.1

If anyone connects from a host where reverse lookup or HELO puts it in the "frukt.org" domain, you know that you should reject or score high unless it has FCDNS and a matching MTX record.


(And of course, if this catches on, you'll have to provide RFC style documentation.)


Regards
/Jonas
--
Jonas Eckerman
Fruktträdet & Förbundet Sveriges Dövblinda
http://www.fsdb.org/
http://www.frukt.org/
http://whatever.frukt.org/
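
The lookup names and the reject-or-score decision proposed in the message above, as an added example that is not part of the original post and is not MTX or SpamAssassin code. The function names, the verdict strings, the injected `lookup_a` resolver and the constructed zone are assumptions; the registered domain is passed in, standing in for SpamAssassin's registrar boundaries lookup.

```python
import ipaddress

MTX_OK = "127.0.0.1"  # the value used by both example records in the message


def mtx_host_name(ip: str, hostname: str) -> str:
    """Per-host record name: reversed IPv4 octets, then _mtx, then the host name."""
    addr = ipaddress.ip_address(ip)
    if addr.version != 4:
        raise ValueError("the message only shows IPv4 records")
    reversed_octets = ".".join(reversed(str(addr).split(".")))
    return f"{reversed_octets}._mtx.{hostname.rstrip('.').lower()}."


def mtx_domain_name(domain: str) -> str:
    """Domain-wide record name saying every host under the domain uses the scheme."""
    return f"_mtx.{domain.rstrip('.').lower()}."


def evaluate(ip, claimed_host, registered_domain, lookup_a, fcrdns_ok):
    """Return 'pass', 'reject-or-score-high' or 'no-policy' (hypothetical labels).

    claimed_host is the name from reverse lookup or HELO, fcrdns_ok is the
    result of a forward-confirmed reverse DNS check done by the caller, and
    lookup_a(name) returns the list of A record values for name.
    """
    host = claimed_host.rstrip(".").lower()
    domain = registered_domain.rstrip(".").lower()
    if host != domain and not host.endswith("." + domain):
        raise ValueError("claimed host is not inside the registered domain")
    # Pass needs both FCrDNS and a matching per-host MTX record.
    if fcrdns_ok and MTX_OK in lookup_a(mtx_host_name(ip, host)):
        return "pass"
    # The domain record makes a missing host record count against the sender.
    if MTX_OK in lookup_a(mtx_domain_name(domain)):
        return "reject-or-score-high"
    return "no-policy"


# Constructed zone holding the two records from the message.
ZONE = {
    "219.112.67.195._mtx.marmaduke.frukt.org.": ["127.0.0.1"],
    "_mtx.frukt.org.": ["127.0.0.1"],
}


def lookup_constructed(name):
    return ZONE.get(name, [])
```

In a real plugin `lookup_a` would wrap the resolver already in use, and the verdict would map to a score or an SMTP rejection.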
