On 8/14/07, Tim Franklin <tim@pelican.org> wrote:
On Tue, August 14, 2007 1:48 am, Douglas Otis wrote:
For domains to play any role in securing email, a published MX record should become a necessary acceptance requirement. Using MX records also consolidates policy locales which mitigates some DDoS concerns.
What if there's no intention to use the domain for email?
I've become annoyed enough in the other direction, owning domains *only* used for email and dealing with irate people insisting I'm domain-squatting and must sell them the domain cheaply right now because there's no A record for www.what.ever.
I'm annoyed enough in the original direction. I, like many thousands of people, have some domains that I don't use for email, so they don't have an MX record. How do you enforce this new requirement? Who chases it down? How does it stop domain tasting? If this is ultimately to stop domain tasting abuse, why not instead stop domain tasting? It seems like this simply add rules that somebody has to figure out to who enforce, and I'm not exactly inspired to think that it'll be enforced regularly or properly. This seems like creating a requirement that people must implement mosquito nets to solve the mosquito problem, instead of focusing on removing the mosquitos. Al -- Al Iverson on Spam and Deliverability, see http://www.spamresource.com News, stats, info, and commentary on blacklists: http://www.dnsbl.com My personal website: http://www.aliverson.com -- Chicago, IL, USA