North American Network Operators Group


Re: Selection of Appropriate Local SMTP Relay

  • From: Joe Abley
  • Date: Mon Jan 10 19:56:47 2000

On Mon, Jan 10, 2000 at 07:36:15PM -0500, Daniel Senie wrote:
> > It's quite possible to specify a different mail relay for every individual
> > address in an ISP's network. I might be using octet boundaries so that
> > I can follow the same well-known in-addr.arpa zone structure as is
> > currently used, but that's all.
> 
> By using octet boundaries, you're making an inference that the IP
> addresses are being used in a classful fashion. It's doubtful this will
> be the case in today's network.

I don't buy your logic. By that reasoning, PTR records are not supported
on today's network either, since they also work on octet boundaries.

> As others point out, the IP address given out for a particular dialup
> will NOT be representative of the ISP.

Without a way of authenticating a user SMTP session, client IP address
is the _usual_ method of deciding how much relaying an SMTP server should
do for a client.

Your point about port wholesaling is perfectly valid, at least in the
circumstances when the port retailer is not able to hand out addresses
from her own blocks (as is possible with many port wholesalers).

It's unlikely that any single approach will win all the time. My
proposal was mainly intended as a quick win -- very quick and easy
to implement on the ISP side (for ISPs where it is applicable), and
relatively straightforward on the mail client side. It's certainly
not the be-all and end-all of relay authentication solutions.

> You didn't comment on my other suggestion, that of doing MX on the
> assigned name servers. This has all of the advantages you want, without
> the problems associated with trying to determine which ISP is in use
> based on IP address.

Aah, sorry, I didn't spot that. It also has the disadvantage that many
roamers seem to have hard-coded nameservers in their laptop stacks,
which frequently continue to function (although a little bit more slowly!)
while they're roaming round the world. As I think I mentioned, from my
experience not many operators nail down recursive lookups through their
nameservers, which means you don't need to be local to use them.

I presume you were still talking about using MX records in the in-addr.arpa
zones, since MX records in the forward zones have other (obvious)
application?

> Now I'm not convinced the MX on DNS server approach
> is a good solution, but it's probably better than doing MX on the IP
> address assigned.


Joe
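
An added illustration of two points in the message above (not code from the thread or its participants): a relay decision keyed only on client IP against classless prefixes, and the in-addr.arpa owner names at each octet boundary, which stay unique per address whatever the prefix length. The prefixes are constructed documentation ranges, the function names are hypothetical, and the most-specific-first lookup order is an assumption, since the thread does not spell one out.

```python
import ipaddress

# Constructed sample data (RFC 5737 documentation prefixes), not from the thread.
RELAY_CLIENTS = [
    ipaddress.ip_network("192.0.2.64/26"),    # classless dial-up pool inside a /24
    ipaddress.ip_network("198.51.100.0/24"),
]


def relay_allowed(client_ip, allowed=RELAY_CLIENTS):
    """Unauthenticated relay decision based only on the client's source address."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in allowed)


def reverse_candidates(client_ip):
    """Return in-addr.arpa owner names for an IPv4 address, one per octet
    boundary, most specific first (assumed order, not stated in the thread)."""
    addr = ipaddress.ip_address(client_ip)
    if addr.version != 4:
        raise ValueError("in-addr.arpa covers IPv4 only")
    # reverse_pointer gives e.g. '70.2.0.192.in-addr.arpa'
    labels = addr.reverse_pointer.split(".")
    octets, suffix = labels[:4], labels[4:]
    return [".".join(octets[i:] + suffix) for i in range(4)]


if __name__ == "__main__":
    # Two addresses in the same /24 reverse zone, only one inside the /26 pool.
    for ip in ("192.0.2.70", "192.0.2.10"):
        print(ip, "relay allowed:", relay_allowed(ip))
        for name in reverse_candidates(ip):
            print("   ", name)
```

Both sample addresses share the `2.0.192.in-addr.arpa` zone, yet only the one inside the /26 pool passes the relay check, so the octet-aligned zone cut places no constraint on how the addresses are allocated.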