nanog mailing list archives

Re: Christmas spam from RESERVED IANA adressblock ?


From: Neil <kngspook () gmail com>
Date: Thu, 25 Dec 2008 02:01:31 -0800

Maybe I'm showing my newb-ness here....

On Wed, Dec 24, 2008 at 10:33 PM, James Hess <mysidia () gmail com> wrote:
[snip]

> RFC1918 addresses should also never be found in mail headers of any
> messages being exchanged over the internet. For the very reason that it
> creates this confusion. Another case of many implementations not doing
> anything close to what they should.
>
> RFC1918 says on page 4:
> "   Indirect references to such addresses should be contained within the
>   enterprise. Prominent examples of such references are DNS Resource
>   Records and other information referring to internal private
>   addresses. In particular, Internet service providers should take
>   measures to prevent such leakage.
> "
>
> Private IPs in mail headers are just fine inside the enterprise, but messages
> with headers referencing private IPs should not be exchanged over the
> internet.
> RFC1918 specifically says indirect references should not leave the enterprise.
>
> The only thing that would be worse or more confusing to other sites would be to
> not add a mail header at all, or to use a real IP address shared by other hosts
> that use 1918 addresses on the LAN.

So what are you suggesting an admin should do (assuming, for example,
he doesn't have enough IPv4 addresses to go around)?  If he shouldn't
strip headers, and he shouldn't use the NAT'd addresses, then he's
running rather low on options.

And no matter what he does, it's going to involve modification of the
headers, which is generally considered A Bad Thing(TM).  Especially
since some, not many, but enough, sysadmins are going to do the
modification badly, and either accidentally mangle the rest of the
email or do something to make tracking down problems more difficult.

I think a big difference between the example you quoted about RFC 1918
and Received: headers is that DNS records will be used by various
programs automatically, whereas mail headers are generally not; as JF
Mezei pointed out, all you have to do is learn to read mail headers
properly.

> Not sharing mail server public IPs isn't part of the RFC1918 though,
> it's just the right way(TM).

I didn't understand what you meant here...  Not sharing my mail
server's public IP is going to make it a little difficult for me to
receive mail, I suspect...
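
Added example, not part of the original thread: one way to read a Received: chain that mixes RFC 1918 and other addresses, listing the hops in transit order and reporting the earliest address that is not private. The sample message, host names and addresses are constructed (documentation ranges), and the function names are hypothetical; only bracketed IPv4 literals are handled.

```python
import email
import ipaddress
import re

RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
BRACKETED_V4 = re.compile(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]")

# Constructed sample: a desktop behind NAT relays through its site gateway.
SAMPLE = """\
Received: from mx.example.net (mx.example.net [198.51.100.7])
\tby mail.example.org with ESMTP; Thu, 25 Dec 2008 01:00:03 -0800
Received: from gw.example.com (gw.example.com [203.0.113.25])
\tby mx.example.net with ESMTP; Thu, 25 Dec 2008 01:00:02 -0800
Received: from desktop (unknown [192.168.1.44])
\tby gw.example.com with ESMTP; Thu, 25 Dec 2008 01:00:01 -0800
From: a@example.com
Subject: constructed sample

body
"""

def hops(raw):
    """Return [(ip, is_rfc1918)] in transit order (oldest hop first)."""
    msg = email.message_from_string(raw)
    out = []
    # Each MTA prepends its Received: line, so reverse to get transit order.
    # Lines below the one written by your own MTA are claims, not facts.
    for value in reversed(msg.get_all("Received", [])):
        m = BRACKETED_V4.search(value)
        if not m:
            continue
        try:
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue  # malformed literal such as [999.1.1.1]
        out.append((str(ip), any(ip in net for net in RFC1918)))
    return out

def first_non_private(raw):
    """Earliest hop address outside RFC 1918 space, or None."""
    return next((ip for ip, private in hops(raw) if not private), None)

if __name__ == "__main__":
    for ip, private in hops(SAMPLE):
        print(ip, "RFC 1918" if private else "not RFC 1918")
    print("first non-private hop:", first_non_private(SAMPLE))
```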

