[Mimedefang] how to undo Verisigns mess
dr john halewood
john at unidec.co.uk
Tue Sep 16 11:28:00 EDT 2003
On Tuesday 16 Sep 2003 2:58 pm, Joseph Brennan wrote:
>> Since recently, all .net and .com domains started to resolve, pointing to
>> a verisign owned server that shows a customized webpage.
>> roaringpiguin.com. 900 IN A 64.94.110.11
>
>Arg! Aside from forgeries, if legit mail is sent with a typo'd
>domain, the only chance we have to tell the sender is to reject
>during the smtp transaction.
ermm....
how exactly can legit mail be sent with a typo'd domain? If it's been done
by the server admin, then pretty quickly everyone in the company will know
about it as they'll never get any replies back unless they get bounced on the
way out (unless of course you've got different From: and Reply To: headers).
The only way I can see this happening on more than a very brief basis is if
someone's forging an address or telnetting to port 25 and talking raw SMTP.
The other method mentioned in this thread (forward not matching reverse DNS)
is all well and good, but it doesn't help much if your IP address allocation
is in the middle of a CIDR block and the ISP either won't delegate the
in-addr.arpa to you or won't update it's own reverse DNS on your behalf. Not
that I've had this problem before. Much.
cheers
john
More information about the MIMEDefang
mailing list