SPF is harmful, covered by Microsoft's patent application, and insecure. - TCP-IP

This is a discussion on SPF is harmful, covered by Microsoft's patent application, and insecure. - TCP-IP ; ML> So send an email, while bombarding the receiving MTA with fake ML> "TXT" answers would most probably work if that MTA runs Windows ML> and port 53 is improperly blocked. RR> [...] If DNS was 100% supported over TCP/IP ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: SPF is harmful, covered by Microsoft's patent application, and insecure.

  1. SPF is harmful, covered by Microsoft's patent application, and insecure.

    ML> So send an email, while bombarding the receiving MTA with fake
    ML> "TXT" answers would most probably work if that MTA runs Windows
    ML> and port 53 is improperly blocked.

    RR> [...] If DNS was 100% supported over TCP/IP (many DNS servers only
    RR> respond to UDP/IP queries), then it would be possible for an eMail
    RR> server administrator to ensure better security in such cases.

    No, it wouldn't. DNS/TCP would still be just a fallback. To "improve"
    matters in the way that you suggest, it would also be necessary to
    change the protocol such that DNS/TCP was tried *first*.

  2. Re: SPF is harmful, covered by Microsoft's patent application, and insecure.

    "Jonathan de Boyne Pollard " wrote in
    news.admin.net-abuse.email:

    > ML> So send an email, while bombarding the receiving MTA with fake
    > ML> "TXT" answers would most probably work if that MTA runs Windows
    > ML> and port 53 is improperly blocked.
    >
    > RR> [...] If DNS was 100% supported over TCP/IP (many DNS servers only
    > RR> respond to UDP/IP queries), then it would be possible for an eMail
    > RR> server administrator to ensure better security in such cases.
    >
    > No, it wouldn't. DNS/TCP would still be just a fallback. To "improve"
    > matters in the way that you suggest, it would also be necessary to
    > change the protocol such that DNS/TCP was tried *first*.


    It it were required, then DNS over UDP/IP wouldn't need to be
    configured as a fallback at all.

    --
    Randolf Richardson, pro-active spam fighter - rr@8x.ca
    Vancouver, British Columbia, Canada

    Please do not eMail me directly when responding to my
    postings in the newsgroups.

    Sending eMail to other SMTP servers is a privilege.


+ Reply to Thread