Re: What is up with 170.36.0.0/16

["Christopher A. Woodfield" <rekoil () semihuman com>]

The most obvious use for this setup (the reason I made several customers 
implement it at my previous life as an abusecritter) ) is to close down an 
open SMTP relay that couldn't otherwise be closed down (*cough* Cc:Mail 
*cough*). Relaying is controlled on the publically accessable server, but 
only mail destined for the target domain comes into the primary MX. Hence, 
no thrid-party relaying.

-Chris

> Are you sure this couldn't be intentional?
>
> I've once seen a setup where you had the lowest-priority MX (by that, I mean
> the one with the lowest number, in case my wording is ambiguous or
> contradictory) being some host with an RFC 1918 IP, and then there was a
> higher-priority MX which was their NAT box. I'm guessing (I never sent mail
> there, or worked with this setup, thank god) that the idea was that
> connections to the RFC 1918 box would die, so remote MTAs would contact the
> NAT box and deliver there. The NAT box would then try to relay to the
> primary MX, and since it would obviously have an interface into the network
> with the RFC 1918 IPs, it would be able to deliver.
> This place doesn't seem to be using this setup anymore, although amusingly
> enough most of their NS records point to machines with 10.200 IPs.
>
> I agree that this type of thing is entirely dumb, but is there any reason
> that the network mentioned by the original poster couldn't be doing the same
> thing?
> Many large corporations that have been running IP networks since before Wall
> Street knew the meaning of the word Internet have different real blocks of
> IP space (usually in the class B space) for their "public" network and their
> corporate network...
-- 
---------------------------
Christopher A. Woodfield                rekoil () semihuman com

PGP Public Key: http://pgp.mit.edu:11371/pks/lookup?op=get&search=0xB887618B