[Mimedefang] Unique identifier

xWBrown at e1b.org
Fri Feb 20 14:55:23 EST 2009


Kevin wrote on 02/20/2009 01:13:21 PM:

> I've always used $QueueID as unique BUT I'm sure it has some possibility of
> not being random especially if you use more than one server.

QueueID plus hostname will take care of uniqueness as suggested by RFC 822.

Which suggests an interesting idea to validate messages:

A DNS style verification of messages sent.  For example, the Message-ID of
the message I am replying to shows:

Message-ID: <C71C5F34D3FD4A82861FD18EEF700959 at peregrinehw.com>

So, if I substitute a period for the "@" and do a DNS query for
C71C5F34D3FD4A82861FD18EEF700959.peregrinehw.com, their nameserver could
return a coded response that the message did indeed originate from that server.
The Message-ID values would need to be kept for some minimum time period
before being flushed, perhaps seven to ten days.

Potential problems I can see:

1.  Load on DNS servers, which would need to delegate the query to the
actual mail server named in the message-id.

2.  Message-id would need to be immediately available from MTA to DNS type
server for verification.  This could be mitigated if the mail server based
all or some of the LHS of the message-id on time, and the queried message-ID
fell in the past few seconds, before actual used IDs are updated to the DNS
server.

3.  Obviously not effective until widely deployed.

On the positive side:

1. Unlike Domain Keys and other crypto-signature systems, requires no
central authority.
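
The lookup scheme proposed in this message, sketched as an added example (not part of the original post and not MIMEDefang code). The names `message_id_to_qname` and `SentIdStore` are hypothetical, the seven-day retention is the low end of the range suggested above, and no real DNS server is involved; the store only models what the sender's nameserver would answer.

```python
import re
import time

RETENTION_SECONDS = 7 * 24 * 3600  # assumed: low end of the 7-10 days suggested
LABEL_RE = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")
MSGID_RE = re.compile(r"\s*<([^<>@\s]+)@([^<>@\s]+)>\s*")


def message_id_to_qname(message_id):
    """Map '<lhs@domain>' to 'lhs.domain'; None if that is not a legal hostname."""
    m = MSGID_RE.fullmatch(message_id)
    if not m:
        return None
    qname = f"{m.group(1)}.{m.group(2)}".rstrip(".")
    # Hostname rules: 63 octets per label, 253 for the whole name, and only
    # letters, digits and hyphens. Many real Message-IDs ('$', '+', '_',
    # long left-hand sides) fail this and could not be looked up at all.
    if len(qname) > 253:
        return None
    if not all(LABEL_RE.fullmatch(label) for label in qname.split(".")):
        return None
    # DNS compares names case-insensitively, so IDs differing only in case collide.
    return qname.lower()


class SentIdStore:
    """Sender-side record of issued Message-IDs, flushed after the retention period."""

    def __init__(self, retention=RETENTION_SECONDS):
        self.retention = retention
        self._sent = {}  # qname -> time the ID was issued

    def record(self, message_id, now=None):
        qname = message_id_to_qname(message_id)
        if qname is None:
            raise ValueError("Message-ID cannot be expressed as a DNS name")
        self._sent[qname] = time.time() if now is None else now
        return qname

    def flush(self, now=None):
        cutoff = (time.time() if now is None else now) - self.retention
        self._sent = {q: t for q, t in self._sent.items() if t >= cutoff}

    def verify(self, qname, now=None):
        """Answer a lookup: True only for an ID issued here within the retention window."""
        now = time.time() if now is None else now
        issued = self._sent.get(qname.rstrip(".").lower())
        return issued is not None and now - issued <= self.retention
```

A positive answer only shows that the named domain issued that ID at some point; anyone who has seen the message can reuse its Message-ID, so the check says nothing about the rest of the message.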
