On Mon, Jan 10, 2000 at 07:36:15PM -0500, Daniel Senie wrote:
It's quite possible to specify a different mail relay for every individual address in an ISP's network. I might be using octet boundaries so that I can follow the same well-known in-addr.arpa zone structure as is currently used, but that's all.
By using octet boundaries, you're making an inference that the IP addresses are being used in a classful fashion. It's doubtful this will be the case in today's network.
I don't buy your logic. By that reasoning, PTR records are not supported on today's network either, since they also work on octet boundaries.
As others point out, the IP address given out for a particular dialup will NOT be representative of the ISP.
Without a way of authenticating a user SMTP session, client IP address is the _usual_ method of deciding how much relaying an SMTP server should do for a client. Your point about port wholesaling is perfectly valid, at least in the circumstances when the port retailer is not able to hand out addresses from her own blocks (as is possible with many port wholesalers). It's unlikely that any single approach will win all the time. My proposal was mainly intended as a quick win -- very quick and easy to implement on the ISP side (for ISPs where it is applicable), and relatively straightforward on the mail client side. It's certainly not the be-all and end-all of relay authentication solutions.
You didn't comment on my other suggestion, that of doing MX on the assigned name servers. This has all of the advantages you want, without the problems associated with trying to determine which ISP is in use based on IP address.
Aah, sorry, I didn't spot that. It also has the disadvantage that many roamers seem to have hard-coded nameservers in their laptop stacks, which frequently continue to function (although a little bit more slowly!) while they're roaming round the world. As I think I mentioned, from my experience not many operators nail down recursive lookups through their nameservers, which means you don't need to be local to use them. I presume you were still talking about using MX records in the in-addr.arpa zones, since MX records in the forward zones have other (obvious) application?
Now I'm not convinced the MX on DNS server approach is a good solution, but it's probably better than doing MX on the IP address assigned.
Joe