[Jabber-IETF] Dialback protocol

Matthias Wimmer m at tthias.net
Sat Oct 5 12:41:38 CDT 2002

Hi Pete!

Pete Chown wrote:

> One quick question...  I've been trying to understand the purpose of
> the dialback protocol.  Presumably it's supposed to avoid the problem
> with SMTP, where you can connect to a server and pretend to be anyone
> you like.
>
> However, why is dialback better than a simple DNS check?  Suppose foo
> connects to bar, says, "I'm foo," and then transfers a message coming
> from luser at foo.  Bar can resolve foo through the DNS, and ensure that
> there is either an SRV or an A record pointing to the address on the
> other end of the TCP connection.
>
> There was another thing I wasn't sure about too.  Are you allowed to
> have a configuration where there are Jabber relays, like mail relays?
> So now foo.com has an SRV record pointing to jabber-inward.foo.com.
> Messages leaving foo.com come from jabber-outward.foo.com.  Now, won't
> this cause a problem for dialback authentication?  It will think that
> jabber-outward.foo.com is not authorised to represent foo.com.
>
> I may be missing something here, because I've only started following
> the discussions recently.

The outgoing connection is most of the time originated by the first IP
of a system ... this IP is not necessarily in the DNS for the domain of
the Jabber server.
(One example is amessage.de ... outgoing connections are originated by a
different IP address than the IP in DNS for amessage.de.)

See you
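
The two checks discussed in this thread, side by side, as an added example that is not part of the original post or of any Jabber server's code. The host names, addresses, secret and HMAC-based key derivation are constructed assumptions that only model the idea: the receiving server ignores the peer's source address and asks the server at the DNS-published address whether it issued the key.

```python
import hashlib
import hmac

# Constructed data: documentation-range addresses, hypothetical domains.
DNS = {"foo.example": "192.0.2.10"}  # address published for the domain
SOURCE_IP = "192.0.2.1"  # first IP of the same host, used for outgoing connections


class Authoritative:
    """Stands in for the server reachable at the address DNS publishes."""

    def __init__(self, domain, secret):
        self.domain, self.secret = domain, secret

    def make_key(self, receiver, stream_id):
        # Assumed derivation: key bound to both domains and the stream id.
        msg = f"{receiver} {self.domain} {stream_id}".encode()
        return hmac.new(self.secret, msg, hashlib.sha256).hexdigest()

    def verify(self, receiver, stream_id, key):
        return hmac.compare_digest(key, self.make_key(receiver, stream_id))


# What the receiver reaches when it dials back to the published address.
LISTENERS = {"192.0.2.10": Authoritative("foo.example", b"constructed-secret")}


def dns_check(claimed_domain, peer_ip):
    """Simple DNS check: the peer address must equal the published address."""
    return DNS.get(claimed_domain) == peer_ip


def dialback_check(receiver, claimed_domain, stream_id, key):
    """Dialback: ignore the peer address, ask the published server about the key."""
    server = LISTENERS.get(DNS.get(claimed_domain))
    return server is not None and server.verify(receiver, stream_id, key)


def demo():
    foo = LISTENERS["192.0.2.10"]
    good = foo.make_key("bar.example", "stream-1")
    return {
        "dns_check_legit": dns_check("foo.example", SOURCE_IP),
        "dialback_legit": dialback_check("bar.example", "foo.example", "stream-1", good),
        "dialback_forged": dialback_check("bar.example", "foo.example", "stream-1", "0" * 64),
        "dialback_replayed": dialback_check("bar.example", "foo.example", "stream-2", good),
    }


if __name__ == "__main__":
    print(demo())
```

The legitimate server fails the source-address check because it connects from an address DNS does not list, yet passes dialback; a forged key and a key replayed on another stream are both rejected.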

