[ietf-dkim] protecting domains that don't exist
johnl at iecc.com
Sat Apr 12 09:10:29 PDT 2008
Jim Fenton wrote:
>> If ADSP can depend on a well-specified requirement for
>> checking for the existence of the domain, please indicate
>> where this is specified.
The current 2821bis draft says in sec 5:
Only resolvable, fully-qualified, domain names (FQDNs) are permitted
when domain names are used in SMTP. In other words, names that can
be resolved to MX RRs or address (i.e. A or AAAA) RRs (as discussed
in Section 5) are permitted, as are CNAME RRs whose targets can be
resolved, in turn, to MX or address RRs. Local nicknames or
unqualified names MUST NOT be used.
The 2822upd draft says in sec 3.4.1:
Note: A liberal syntax for the domain portion of addr-spec is
given here. However, the domain portion contains addressing
information specified by and used in other protocols (e.g.,
[RFC1034], [RFC1035], [RFC1123], [I-D.klensin-rfc2821bis]). It is
therefore incumbent upon implementations to conform to the syntax
of addresses for the context in which they are used.
and a little later
The domain portion identifies the point to which the mail is
delivered. In the dot-atom form, this is interpreted as an Internet
domain name (either a host name or a mail exchanger name) as
described in [RFC1034], [RFC1035] and [RFC1123]. In the domain-
literal form, the domain is interpreted as the literal Internet
address of the particular host. In both cases, how addressing is
used and how messages are transported to a particular host is covered
in separate documents such as [I-D.klensin-rfc2821bis]. These
mechanisms are outside of the scope of this document.
So the intention is clearly that the domains in addresses are supposed
to exist, but I don't see it in a MUST sentence. I'll ask whether
that's deliberate, or it was so obvious that they didn't think it was
John Levine, johnl at iecc.com, Primary Perpetrator of "The Internet for Dummies",
Information Superhighwayman wanna-be, http://www.johnlevine.com, ex-Mayor
"More Wiener schnitzel, please", said Tom, revealingly.
More information about the ietf-dkim