Security Basics mailing list archives
Re: DNSs, MXs and RBLs....
From: Ned Fleming <ned () kaw us>
Date: Fri, 21 Mar 2008 08:35:05 -0500
On Thu, 20 Mar 2008 19:26:19 +0100 (CET), "Santiago Barahona" <sant-bar () dsv su se> wrote:
Once upon a time, there were two companies that created one new entity (let's say 50-50)... one of them provides the IT infrastructure and the other "the name" (i guess): it is company A's mail servers, and company B's domain name... Since the new users will be in company A's infrastructure, their mailboxes will be hosted in company A's mail servers... but the domain name will be controlled and hosted by company B... to do this someone has suggested to company B to modify their DNS entries to point to company A's domain name....
OK, you have three zone files: oldcoA.com, oldcoB.com, and newco.com.
So when a MTA tries to reach user () newco com, it will find in Company B's DNS that it points out to companyA.com, then it will go ask a DNS who is companyA.com and deliver the mail... (tell me if I'm wrong)...
Whoever controls the DNS zone file for newco.com will control the IP address for the MX record(s) for that domain. That IP address might be at oldcoA or oldcoB or somewhere else. Now, if user () newco com is an alias for rumpelstiltskin () oldcoA com, and the email needs to go there, then you will need a map of some type (depending upon your MTA, i.e., postfix, sendmail, etc.) that redirects the email to its proper destination. Easy to do.
At first glance it looked OK but then it started to cause me trouble when I thought about the case when the users of this domain start sending mails because I think that company A's mail servers risk of being "black listed" by some RBLs... if this happens not only the users of the new entity will be percieved by spam but all users that use those servers... Any light??... is it possible to get blacklisted this way??... do you have any suggestions on how to avoid the risk??
I don't see how you can be blacklisted, unless one or the other of the oldcos IP addresses was blacklisted to begin with, in which case it could extend to email from newco.com
or should make a risk analysis and present it to management in order to get it to be accepted or not??
If either of the oldcos is blacklisted, then this is a good idea. Ned
Current thread:
- DNSs, MXs and RBLs.... Santiago Barahona (Mar 20)
- Re: DNSs, MXs and RBLs.... Ansgar -59cobalt- Wiechers (Mar 21)
- Re: DNSs, MXs and RBLs.... Ned Fleming (Mar 21)
- Re: DNSs, MXs and RBLs.... Santiago Barahona (Mar 24)
- Re: DNSs, MXs and RBLs.... Ansgar -59cobalt- Wiechers (Mar 24)
- Re: DNSs, MXs and RBLs.... Santiago Barahona (Mar 26)
- Message not available
- Re: DNSs, MXs and RBLs.... Ansgar -59cobalt- Wiechers (Mar 26)
- Re: DNSs, MXs and RBLs.... Santiago Barahona (Mar 24)