North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: BCP38 thread 93,871,738,435 + SPF
* Douglas Otis: > Spam being sent through Bot farms has already set the stage for > untraceable DNS attacks based upon SPF. In addition to taking out major > interconnects, these attacks can: > > a) inundate authoritative DNS; > > b) requests A records from anywhere; > > c) probe IP address, port, and the transaction IDs of resolvers; (b) and (c) are not new developments because lots of MTAs already perform A lookups on HELO arguments, and MX lookups on sender domains. > While not as bad as eavesdropping, it still places the network and the > integrity of DNS at risk. All of this while the spam is still being > delivered. What a productivity tool! The purpose of SPF, as it is deployed, is to facilitate routing solicited bulk email around spam filters. Look at email.bn.com/IN/TXT to get the idea. This application requires some of the indirection features offered by SPF.
|