[SC-Help] Re: rDNS checks and third party SMTP agents
Mathew Hendry
TJLWBECGSGWU at spammotel.com
Wed Feb 2 11:46:58 EST 2005
"Iain" <ipmarketing at spamcop.net> wrote in <ctq32d$5a0$1 at news.spamcop.net>:
>One proposal is that opted-in mail be despatched via a coordinated
>cross-Government eMail service. This is raising numerous issues including:
>
>1. If mail is not sent in the name of the 'real' Government agency then this
>is both a poor user experience and could be confused for phishing mail
>either by the recipient or a mail scanner (I've seen mail where the scanner
>compared the domain quoted in links included in the body of the message with
>the domain of the sender and if they didn't match would insert a large
>'possible fraud attempt' tag in red into the message at every link!)
>
>2. If the cross-Government service then simply sends mail in the name
>(domain) of the real agency, then (I presume) unless the SMTP server is
>listed in the real agency's DNS the mail send would fail any rDNS check,
>i.e. the server would appear to be sending mail under a domain for which the
>server were not listed. Is this correct?
>
>3. To ensure rDNS checks worked, would it be necessary for the sending SMTP
>server to have a valid MX record or would the server's IP just need to appear
>in the domain records? The significance of a 'valid MX' is that this would
>be a cross-Government *sending* service and we wouldn't want inbound mail
>going to it should the regular SMTP servers not be available at any time for
>some unexpected reason.

Systems like SPF and SenderID may be what you're looking for here. Your
government agencies would publish specially formatted DNS records for their
domains saying "we send e-mail [only] from these IP addresses":

http://spf.pobox.com

Use of third party mail certification systems (Bonded Sender, Habeas, ISIPP,
...) might be a good idea as well.

One big problem I can see with a centralised system like this is that if
there's a single significant security incident at one of the client
agencies, every single agency could find its e-mail blacklisted. That and
the possibility of catastrophic system failure - not an unknown occurrence
in government IT projects... ;)

-- Mat.
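
The kind of SPF record the reply describes, as an added example that is not part of the original message: a small Python evaluator for the ip4/ip6/include/all subset of SPF (RFC 7208). The domains, address ranges and the `check_spf` helper are constructed for illustration; the agency's record authorizes a shared sending service's addresses without any MX record pointing at that service.

```python
import ipaddress

# Constructed TXT records (documentation domains and address ranges, not real data).
# The agency authorizes its own outbound host plus the shared sending service via include:.
ZONE = {
    "agency.example": "v=spf1 ip4:192.0.2.10 include:_spf.sharedmail.example -all",
    "_spf.sharedmail.example": "v=spf1 ip4:198.51.100.0/24 ip6:2001:db8:25::/48 ~all",
}

QUALIFIERS = {"+": "pass", "-": "fail", "~": "softfail", "?": "neutral"}


def check_spf(ip, domain, zone=ZONE, depth=0):
    """Evaluate the ip4/ip6/include/all subset of SPF for a connecting IP."""
    if depth > 10:                      # stop runaway include chains
        return "permerror"
    record = zone.get(domain)
    if record is None or not record.lower().startswith("v=spf1"):
        return "none"
    addr = ipaddress.ip_address(ip)
    for term in record.split()[1:]:
        qualifier = "+"                 # default qualifier when none is written
        if term[0] in QUALIFIERS:
            qualifier, term = term[0], term[1:]
        name, _, value = term.partition(":")
        name = name.lower()
        if name == "all":
            return QUALIFIERS[qualifier]
        if name in ("ip4", "ip6"):
            net = ipaddress.ip_network(value, strict=False)
            if net.version == addr.version and addr in net:
                return QUALIFIERS[qualifier]
        elif name == "include":
            inner = check_spf(ip, value, zone, depth + 1)
            if inner == "pass":         # only a pass from the included policy matches
                return QUALIFIERS[qualifier]
            if inner in ("none", "permerror"):
                return "permerror"      # a broken include invalidates the whole record
        else:
            return "permerror"          # term outside this example's subset
    return "neutral"                    # nothing matched and no "all" present


if __name__ == "__main__":
    for ip in ("198.51.100.25", "192.0.2.10", "203.0.113.7", "2001:db8:25::1"):
        print(ip, check_spf(ip, "agency.example"))
```

The `-all` in the agency's own record decides the result for unlisted senders; the `~all` inside the included record only means "no match" to the including policy.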