[Mimedefang] $RelayHostname not matching sendmail's Received header?

Jeff Rife mimedefang at nabs.net
Sat Dec 9 16:57:51 EST 2006


On 7 Dec 2006 at 9:58, Jan-Pieter Cornet wrote:

> On Wed, Dec 06, 2006 at 11:32:57AM -0800, John Rudd wrote:
> > Botnet looks to verify that:
> > 
> > c) the hostname doesn't contain 2 or more octets of its IP address in 
> > hex or decimal form
> > d) the hostname doesn't contain certain "client like" keywords (dsl, 
> > dynamic, dialup, etc.)
> 
> The idea is that SMEs on crappy DSL lines that do not allow you to
> change reverse DNS, but that do operate their own domain, properly
> pointing back to their own mailserver on their DSL line, are allowed
> through.

In a similar vein, I'm one of the "happy" customers of Verizon business 
FIOS.  I'm *very* happy with the price and speed ($100/month for 5 
static IPs and 15Mbps down/2Mbps up), but not the service...you can't 
even find out who to talk to to get reverse DNS set up correctly.

So, when my server sends e-mail, it uses "saber.nabs.net" as its 
"EHLO", and the connection comes from 71.246.216.107.  "host 
saber.nabs.net" returns 71.246.216.107, which is the same IP that the 
connection comes from.  So far, so good.

But, "host 71.246.216.107" returns:
  static-71-246-216-107.washdc.fios.verizon.net.

This hits on just about every "is this a generic rDNS" regex.  But, as 
you can see by the name, it's not likely to be a dialup/dynamic, etc.

So, I vote for any change to the Botnet code that ends up with my type 
of situation (which is pretty much what Jan-Pieter was also describing) 
not getting rejected.


--
Jeff Rife | Coach: How's life, Norm? 
          |  
          |  Norm: Not for the squeamish, Coach. 
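
Added example (not part of the message above and not Botnet's own code): a sketch of checks (c) and (d) from the quoted list, plus the exemption the thread asks for, where a generic-looking rDNS name is tolerated if the HELO name is not itself generic and resolves forward to the connecting address. The function names, the three-keyword list, the dict standing in for DNS lookups, and the 192.0.2.45 and 198.51.100.7 samples are assumptions made for illustration.

```python
import re

# Only the keywords named in the quoted description; the "etc." is not filled in.
CLIENT_KEYWORDS = ("dsl", "dynamic", "dialup")

def octets_in_name(hostname, ip):
    """Count octets of ip that appear in hostname in decimal or two-digit hex."""
    parts = [p for p in re.split(r"[^0-9a-z]+", hostname.lower()) if p]
    decimals = {int(p) for p in parts if p.isdigit()}
    hexes = {p for p in parts if re.fullmatch(r"[0-9a-f]{2}", p)}
    return sum(1 for o in map(int, ip.split("."))
               if o in decimals or f"{o:02x}" in hexes)

def looks_generic(hostname, ip):
    """Check (c): two or more octets in the name. Check (d): client-like keyword."""
    if octets_in_name(hostname, ip) >= 2:
        return True
    return any(k in hostname.lower() for k in CLIENT_KEYWORDS)

def classify(ip, helo, rdns, forward):
    """forward maps a hostname to the set of addresses it resolves to (DNS stand-in)."""
    if not looks_generic(rdns, ip):
        return "accept"
    helo = helo.rstrip(".").lower()
    # HELO is chosen by the client, so it only earns the exemption when it is
    # not itself a generic name and its forward lookup returns the connecting IP.
    # Otherwise a host could simply announce its own provider-assigned rDNS name.
    if not looks_generic(helo, ip) and ip in forward.get(helo, set()):
        return "accept-helo-confirmed"
    return "generic-rdns"

# First entry uses the values given in the message; the others are constructed.
FORWARD = {
    "saber.nabs.net": {"71.246.216.107"},
    "dsl-192-0-2-45.dynamic.example.net": {"192.0.2.45"},
    "mail.example.org": {"203.0.113.9"},
}

if __name__ == "__main__":
    print(classify("71.246.216.107", "saber.nabs.net",
                   "static-71-246-216-107.washdc.fios.verizon.net.", FORWARD))
    print(classify("192.0.2.45", "dsl-192-0-2-45.dynamic.example.net",
                   "dsl-192-0-2-45.dynamic.example.net", FORWARD))
    print(classify("198.51.100.7", "mail.example.org",
                   "host-c6-33-64-07.example.net", FORWARD))
```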




