[dns-operations] Why would an MTA issue an ANY query instead of an MX query?

Florian Weimer fw at deneb.enyo.de
Sat Jun 23 21:54:16 UTC 2012

* Vernon Schryver:

> Emergency patches against ANY to last for a day or two for lack of
> other available tools can make good sense--for a day or so.  But
> spending any long term effort on ANY queries in this context is the
> same "thinking" that brought us SPF as the final ultimate solution
> to the spam problem (FUSSP), because as we all "knew," spam requires
> forged senders.

But unlike spam, these attacks require spoofed source addresses.

Perhaps it's time to admit defeat, call our legislators, and suggest
that they mandate source address validation by service providers.

More information about the dns-operations mailing list