[ietf-dkim] New issue: Upward query vs. wildcard publication
Mark Delany
markd+dkim at yahoo-inc.com
Wed Apr 18 16:55:42 PDT 2007
John L wrote:
>> percentages are "normal" vs. "unusual", but my cursory look a
>> long time ago suggested that it met the 80-20 rule.
>
> You are certainly correct that most zones are pretty flat, but this
> sounds like a DOS attack waiting to happen, send out junk with long
> bogus addresses
I'm just raising this as a discussion point; what if we said that the
SSP record must (at least) exist at the registry cut-point?
It's not particularly pretty, but you (only) need about a 1,000 entry
database to define all the registry cut-points today. I know the size
because we've built this sort of database for other reasons. I think
SpamAssassin has something similar as well.
That "root" SSP record could tell us max-depth within it's balliwick, if
that's of use.
I'm kindof a fan of the registry cut-point because that segues nicely
into a responsible and hopefully knowable entity.
Mark.
More information about the ietf-dkim
mailing list