Security Incidents mailing list archives
Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6}
From: "Jamie Riden" <jamesr () europe com>
Date: Tue, 17 Oct 2006 14:20:24 +1300
On 14/10/06, Paul Schmehl <pauls () utdallas edu> wrote:
--On October 13, 2006 10:46:34 PM -0400 Valdis.Kletnieks () vt edu wrote: > On Mon, 09 Oct 2006 13:33:12 CDT, Paul Schmehl said: > > (Digging out from a long week of other stuff, sorry for the late > response) > >> Its purpose is to reject *all* mail from bogus MTAs - dialups, >> misconifigured servers, MTAs that aren't registered in the domains' DNS >> as a "legal" MX, MTAs that don't reverse properly, etc., etc. If the >> email is > > "mta that aren't registered in the DNS as a "legal" MX" - tell me Paul, > how does that work with any site that's big enough that they run split > inbound MX and outbound servers? > Send me an email at geek () stovebolt com, and I'll tell you. I'm not sure what you mean by "split inbound and outbound", but any outbound MX host *should* be listed in DNS. You only list one - smtp.vt.edu. 192.82.162.213 is reversible, so it would get points for being honest about its IP/hostname, but it would lose points for not being listed in DNS as an MX. The overall score would determine if the mail was rejected, but I doubt that it would be.
Hi Paul,
For example, my old uni used to send outgoing mail from
its-mail1.massey.ac.nz, but MXs are mu-relay{1,2}.massey.ac.nz. The
only place that its-mail1 gets mentioned in the DNS is in the SPF
record, not MX. Presumably that's what you meant by 'outbound MX
host'?
cheers,
Jamie
--
Jamie Riden, CISSP / jamesr () europe com / jamie.riden () gmail com
NZ Honeynet project - http://www.nz-honeynet.org/
------------------------------------------------------------------------------
This List Sponsored by: Black Hat
Attend the Black Hat Briefings & Training USA, July 29-August 3 in Las Vegas.
World renowned security experts reveal tomorrow's threats today. Free of
vendor pitches, the Briefings are designed to be pragmatic regardless of your
security environment. Featuring 36 hands-on training courses and 10 conference
tracks, networking opportunities with over 2,500 delegates from 40+ nations.
http://www.blackhat.com ------------------------------------------------------------------------------
Current thread:
- Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6}, (continued)
- Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Paul Schmehl (Oct 16)
- Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} gabriel rosenkoetter (Oct 17)
- Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Valdis . Kletnieks (Oct 16)
- Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Paul Schmehl (Oct 16)
- Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} gabriel rosenkoetter (Oct 17)
- Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Valdis . Kletnieks (Oct 17)
- Re: ***SPAM*** Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Paul Schmehl (Oct 17)
- Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} benfell (Oct 16)
- Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Dude VanWinkle (Oct 17)
- RE: Massive SPAM Increase Vince Valenti (Oct 17)
- Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6} Jamie Riden (Oct 17)
- Re: Massive SPAM Increase Graeme Fowler (Oct 09)