«

thing wrote:

> If your email address
>> was munged, how did you get the log - is thing.dyndns.org a real
>> domain?
>
> yes, but the user does not exist, so it bounces back as a non-existant
> user. That is a sample from my mail server logs, I set it as a spam trap.


My LogWatch - for 24 hours - shows:

Unknown local users: Total: 122
Relay attempts from known spammers: Total: 93
Rejected incoming mail (my criteria): Total: 38

(a couple of other types not included here) Total: 4

Summary: Total Mail Rejected: 256

--
Distributed Computing Projects:
SETI at Home
http://boinc.mundayweb.com/seti2/stats.php?userID=1248
ClimatePrediction.net
http://boinc.mundayweb.com/cpdn/stats.php?userID=334

thing wrote:

> thing wrote:
>
>> Dave - Dave.net.nz wrote:
>>
>>> thing wrote:
>>>
>>>> Oct 29 06:30:17 katrina sm-mta[3246]: i9SHUGPO003246:
>>>> <>... User unknown
>>>> Oct 29 06:30:17 katrina sm-mta[3246]: i9SHUGPO003246:
>>>> from=<>, size=0, class=0, nrcpts=0, proto=SMTP,
>>>> daemon=MTA, relay=bigbird.whtech.com [64.125.72.2]
>>>
>>>
>>>
>>>
>>>> Oct 29 06:41:04 katrina sm-mta[3277]: i9SHf3PO003277:
>>>> <>... User unknown
>>>> Oct 29 06:41:04 katrina sm-mta[3277]: i9SHf3PO003277:
>>>> from=<>, size=0, class=0, nrcpts=0, proto=SMTP,
>>>> daemon=MTA, relay=bigbird.whtech.com [64.125.72.2]
>>>
>>>
>>>
>>>
>>> 101? I only see 2
>>>
>>
>> I can post more logs if you want....
>>
>>
>>
>> regards
>>
>> Thing
>>
>
> Registrant:
> Western Horizon Technologies
> 5513 Azure Ridge Drive
> Las Vegas, NV 89130
> US
>
> Registrar: DOTSTER
> Domain Name: LIZARDHILL.COM
> Created on: 31-AUG-99
> Expires on: 31-AUG-05
> Last Updated on: 25-JUL-03
>
> Administrative, Technical Contact:
> O'Neil, Don
> Western Horizon Technologies
> 5513 Azure Ridge Drive
> Las Vegas, NV 89130
> US
> 702-645-6004
>
>
> Domain servers in listed order:
> NS1.LIZARDHILL.COM
> NS2.LIZARDHILL.COM
>
> Wonder if the site has been hacked or if its a spammer site.....
>
> regards
>
> thing
>
>
>

Received: from lizardhill.com (bigbird.whtech.com [64.125.72.2])
by gromit.utopia.co.nz (8.12.10/8.12.10) with SMTP id i9SHC4Yu002048
for <%%%MY_EMAIL_IN_HERE%%%>; Fri, 29 Oct 2004 06:12:06 +1300
Received: (qmail 86872 invoked by uid 1010); 28 Oct 2004 15:54:39 -0000
Date: 28 Oct 2004 15:54:38 -0000
Message-ID: <>
To:
Subject: A PLEA FOR HELP.
From: rawlings <>
X-Priority: 1 (Highest)
CC:
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Mailer: RLSP Mailer
X-Spam-Status: No, score=2.6 required=6.0 tests=FORGED_YAHOO_RCVD,
SUBJ_ALL_CAPS,X_PRIORITY_HIGH autolearn=no version=3.0.0
X-Spam-Level: **
X-Spam-Checker-Version: SpamAssassin 3.0.0 (2004-09-13) on
gromit.utopia.co.nz
X-UIDL: >kc"!c,f!!F[c!!Jb=!!
X-Fetchmail-Warning: recipient address %%%MY_EMAIL_IN_HERE%%% didn't
match any local name

GJ

thing wrote:
> Hmmm wrote:
>
>> Sue Bilstein wrote:
>>
>>> On Fri, 29 Oct 2004 06:50:58 +1300, thing
>>> <> wrote:
>>>
>>>
>>>> Oct 29 06:30:17 katrina sm-mta[3246]: i9SHUGPO003246:
>>>> <>... User unknown
>>>> Oct 29 06:30:17 katrina sm-mta[3246]: i9SHUGPO003246:
>>>> from=<>, size=0, class=0, nrcpts=0, proto=SMTP,
>>>> daemon=MTA, relay=bigbird.whtech.com [64.125.72.2]
>>>>
>>>>
>>>> Oct 29 06:41:04 katrina sm-mta[3277]: i9SHf3PO003277:
>>>> <>... User unknown
>>>> Oct 29 06:41:04 katrina sm-mta[3277]: i9SHf3PO003277:
>>>> from=<>, size=0, class=0, nrcpts=0, proto=SMTP,
>>>> daemon=MTA, relay=bigbird.whtech.com [64.125.72.2]
>>>
>>>
>>>
>>>
>>> Excuse my ignorance, but what do the logs show? Is this somebody
>>> trying to attack your computer, or to spam you? If your email address
>>> was munged, how did you get the log - is thing.dyndns.org a real
>>> domain?
>>
>>
>>
>> try doing a nslookup on thing.dyndns.org
>>
>> Non-authoritative answer:
>> Name: thing.dyndns.org
>> Address: 203.96.144.72
>>
>> Although the domain has no MX records so mail servers should not be
>> sending to it anyway. The logs simply show someone trying to deliver
>> an email to that address, not much to it really, obviously the person
>> is running the server or has access to the logs.
>>
>> Regards,
>> Stuart
>>
>>
>
> Yes, email has worked fine for 5 years, it has a wildcard setting in
> DNS, seems to work fine. Interesting how quickly it picked up the email
> address out of the NZ news groups.

that maybe, but lots of email servers will simply not send to it due to
a lack of mx records, and most should not be accepting mail from you due
to a lack of mx records, and of course loads simply dont accept email
from dynamic ip's etc etc the list goes on and on

>
> regards
>
> Thing
>
>
>


----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= East/West-Coast Server Farms - Total Privacy via Encryption =---

Hmmm wrote:

8><----

>> Yes, email has worked fine for 5 years, it has a wildcard setting in
>> DNS, seems to work fine. Interesting how quickly it picked up the
>> email address out of the NZ news groups.
>
>
> that maybe, but lots of email servers will simply not send to it due to
> a lack of mx records, and most should not be accepting mail from you due
> to a lack of mx records, and of course loads simply dont accept email
> from dynamic ip's etc etc the list goes on and on

Proof in your statement? conjecture, that I believe does not stand up to
fact, I can send to gmail, yahoo, msn and hotmail without issue. I have
yet to see or hear of such a problem elsewhere as well. I work as a sys
admin with mail servers sending and receiving in excess of a million
emails a month so my experience does not agree with your assessment.

Most servers do not care what they send TO, more are concerned with what
they receive FROM. Problem is scale, there are rbl services that you can
subscribe to to block cable and adsl modem pools, but by default I do
not think many do, a greylist is more effective and workable IMHO (see
below).

I do not have a not a dynamic IP, it is an agreed static with my
provider ssince 1999, more accurately I think you mean from a modem pool....

At work we block IP's from non-NZ modem pools, that stopped 292,000 spam
last month....so I can understand why email servers would though.

We do not block NZ modem pools as lots of small businesses now run email
servers off adsl and cable connections, so we simply cannot, it would
cause a riot. We do insist that the mail servers are in a resolvable
domain and that things like helo msg contains the FQDN.

I certainly have zero problems mailing anywhere I want at present,
though soon I will be getting a proper domain and hence MX record, as I
agree I need to become more formalised both in that I want my own domain
and that sooner or later things like no MX record and SPF will make my
present system un-workable. All due to spammers!

regards

Thing

On Fri, 29 Oct 2004 14:04:05 +1300, Hmmm <> wrote:

>Sue Bilstein wrote:
>> On Fri, 29 Oct 2004 06:50:58 +1300, thing
>> <> wrote:
>>
>>
>>>Oct 29 06:30:17 katrina sm-mta[3246]: i9SHUGPO003246:
>>><>.. . User unknown
>>>Oct 29 06:30:17 katrina sm-mta[3246]: i9SHUGPO003246:
>>>from=<>, size=0, class=0, nrcpts=0, proto=SMTP,
>>>daemon=MTA, relay=bigbird.whtech.com [64.125.72.2]
>>>
>>>
>>>Oct 29 06:41:04 katrina sm-mta[3277]: i9SHf3PO003277:
>>><>.. . User unknown
>>>Oct 29 06:41:04 katrina sm-mta[3277]: i9SHf3PO003277:
>>>from=<>, size=0, class=0, nrcpts=0, proto=SMTP,
>>>daemon=MTA, relay=bigbird.whtech.com [64.125.72.2]
>>
>>
>> Excuse my ignorance, but what do the logs show? Is this somebody
>> trying to attack your computer, or to spam you? If your email address
>> was munged, how did you get the log - is thing.dyndns.org a real
>> domain?
>
>try doing a nslookup on thing.dyndns.org
>
>Non-authoritative answer:
>Name: thing.dyndns.org
>Address: 203.96.144.72
>
>Although the domain has no MX records so mail servers should not be
>sending to it anyway. The logs simply show someone trying to deliver an
>email to that address, not much to it really, obviously the person is
>running the server or has access to the logs.
>
Mail does NOT need an MX record. It can and often does use an A
record.

Cheers,

Cliff

thing wrote:
> Hmmm wrote:
>
> 8><----
>
>>> Yes, email has worked fine for 5 years, it has a wildcard setting in
>>> DNS, seems to work fine. Interesting how quickly it picked up the
>>> email address out of the NZ news groups.
>>
>>
>>
>> that maybe, but lots of email servers will simply not send to it due
>> to a lack of mx records, and most should not be accepting mail from
>> you due to a lack of mx records, and of course loads simply dont
>> accept email from dynamic ip's etc etc the list goes on and on
>
>
> Proof in your statement? conjecture, that I believe does not stand up to
> fact, I can send to gmail, yahoo, msn and hotmail without issue. I have
> yet to see or hear of such a problem elsewhere as well. I work as a sys
> admin with mail servers sending and receiving in excess of a million
> emails a month so my experience does not agree with your assessment.
>
> Most servers do not care what they send TO, more are concerned with what
> they receive FROM. Problem is scale, there are rbl services that you can
> subscribe to to block cable and adsl modem pools, but by default I do
> not think many do, a greylist is more effective and workable IMHO (see
> below).
>
> I do not have a not a dynamic IP, it is an agreed static with my
> provider ssince 1999, more accurately I think you mean from a modem
> pool....
>
> At work we block IP's from non-NZ modem pools, that stopped 292,000 spam
> last month....so I can understand why email servers would though.
>
> We do not block NZ modem pools as lots of small businesses now run email
> servers off adsl and cable connections, so we simply cannot, it would
> cause a riot. We do insist that the mail servers are in a resolvable
> domain and that things like helo msg contains the FQDN.
>
> I certainly have zero problems mailing anywhere I want at present,
> though soon I will be getting a proper domain and hence MX record, as I
> agree I need to become more formalised both in that I want my own domain
> and that sooner or later things like no MX record and SPF will make my
> present system un-workable. All due to spammers!
>
> regards
>
> Thing
>
>

You are joking right?

You havent even managed to setup your mail server correctly... it has no
mx records!! come on, be sensible.

i know for a fact there are servers that would reject mail from you,
mine would for a start, one cause you are on a dyndns domain and 2
because you havent even set up your server properly (no mx records)

i can direct you to some mail server guides for dummies if you want,
that explain about setting up mx records etc








>
>
>
>
>
>
>


----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= East/West-Coast Server Farms - Total Privacy via Encryption =---

Hmmm wrote:

8><----

>
> You are joking right?

lol, no I am serious.

> You havent even managed to setup your mail server correctly... it has no
> mx records!! come on, be sensible.

MX records are not essential for MTA's to work, proof is below.

> i know for a fact there are servers that would reject mail from you,
> mine would for a start, one cause you are on a dyndns domain and 2
> because you havent even set up your server properly (no mx records)

The server is correctly setup, its the DNS that is not. An MX record
tells the originating server what host to connect to within the domain
to deliver mail, not where the mail is from. I have a wild card for my
domain which achieves the same thing.

Point in fact, we have 3 SMTP servers (shortly to become 4), the MX(s)
are the incoming server(s) (x2), the outgoing server is not a MX record,
yet guess what mail works.

> i can direct you to some mail server guides for dummies if you want,
> that explain about setting up mx records etc

lol, no thanks I know how to set them up in fact I think you need some
education.

Take this domain, note terror is not in any shape or form in the MX records.

Terror is the outgoing server, then followed by a MX record lookup for
the domain,

[thing@kaitan thing]$ nslookup
> terror.vuw.ac.nz
Server: 192.168.0.100
Address: 192.168.0.100#53

Non-authoritative answer:
Name: terror.vuw.ac.nz
Address: 130.195.86.21
> set type=mx
> vuw.ac.nz
Server: 192.168.0.100
Address: 192.168.0.100#53

Non-authoritative answer:
vuw.ac.nz mail exchanger = 10 logan.vuw.ac.nz.
vuw.ac.nz mail exchanger = 5 mitre.vuw.ac.nz.

Authoritative answers can be found from:
vuw.ac.nz nameserver = circa.mcs.vuw.ac.nz.
vuw.ac.nz nameserver = pubsec.domainz.net.nz.
vuw.ac.nz nameserver = totara.its.vuw.ac.nz.
vuw.ac.nz nameserver = downstage.mcs.vuw.ac.nz.
vuw.ac.nz nameserver = rata.vuw.ac.nz.
logan.vuw.ac.nz internet address = 130.195.86.22
mitre.vuw.ac.nz internet address = 130.195.86.116
circa.mcs.vuw.ac.nz internet address = 130.195.5.12
pubsec.domainz.net.nz internet address = 202.46.160.4
totara.its.vuw.ac.nz internet address = 130.195.2.249
downstage.mcs.vuw.ac.nz internet address = 130.195.6.10
rata.vuw.ac.nz internet address = 130.195.2.11

>server rata.vuw.ac.nz
Default server: rata.vuw.ac.nz
Address: 130.195.2.11#53
> vuw.ac.nz
Server: rata.vuw.ac.nz
Address: 130.195.2.11#53

vuw.ac.nz mail exchanger = 10 logan.vuw.ac.nz.
vuw.ac.nz mail exchanger = 5 mitre.vuw.ac.nz.

By your reasoning most large mail systems would not work, guess what
they do.

regards

Thing

Enkidu wrote:
> On Fri, 29 Oct 2004 14:04:05 +1300, Hmmm <> wrote:
>
>
>>Sue Bilstein wrote:
>>
>>>On Fri, 29 Oct 2004 06:50:58 +1300, thing
>>><> wrote:
>>>
>>>
>>>
>>>>Oct 29 06:30:17 katrina sm-mta[3246]: i9SHUGPO003246:
>>>><>. .. User unknown
>>>>Oct 29 06:30:17 katrina sm-mta[3246]: i9SHUGPO003246:
>>>>from=<>, size=0, class=0, nrcpts=0, proto=SMTP,
>>>>daemon=MTA, relay=bigbird.whtech.com [64.125.72.2]
>>>>
>>>>
>>>>Oct 29 06:41:04 katrina sm-mta[3277]: i9SHf3PO003277:
>>>><>. .. User unknown
>>>>Oct 29 06:41:04 katrina sm-mta[3277]: i9SHf3PO003277:
>>>>from=<>, size=0, class=0, nrcpts=0, proto=SMTP,
>>>>daemon=MTA, relay=bigbird.whtech.com [64.125.72.2]
>>>
>>>
>>>Excuse my ignorance, but what do the logs show? Is this somebody
>>>trying to attack your computer, or to spam you? If your email address
>>>was munged, how did you get the log - is thing.dyndns.org a real
>>>domain?
>>
>>try doing a nslookup on thing.dyndns.org
>>
>>Non-authoritative answer:
>>Name: thing.dyndns.org
>>Address: 203.96.144.72
>>
>>Although the domain has no MX records so mail servers should not be
>>sending to it anyway. The logs simply show someone trying to deliver an
>>email to that address, not much to it really, obviously the person is
>>running the server or has access to the logs.
>>
>
> Mail does NOT need an MX record. It can and often does use an A
> record.
>
> Cheers,
>
> Cliff

I think from memory that an A record maybe essential, think it says
somewhere in the bat book, I forget, Ive read so much stuff on SMTP and
DNS in the last 4 months......

regards

Thing

thing wrote:
> Hmmm wrote:
>
> 8><----
>
>>
>> You are joking right?
>
>
> lol, no I am serious.
>
>> You havent even managed to setup your mail server correctly... it has
>> no mx records!! come on, be sensible.
>
>
> MX records are not essential for MTA's to work, proof is below.
>
>> i know for a fact there are servers that would reject mail from you,
>> mine would for a start, one cause you are on a dyndns domain and 2
>> because you havent even set up your server properly (no mx records)
>
>
> The server is correctly setup, its the DNS that is not. An MX record
> tells the originating server what host to connect to within the domain
> to deliver mail, not where the mail is from. I have a wild card for my
> domain which achieves the same thing.
>
> Point in fact, we have 3 SMTP servers (shortly to become 4), the MX(s)
> are the incoming server(s) (x2), the outgoing server is not a MX record,
> yet guess what mail works.
>
>> i can direct you to some mail server guides for dummies if you want,
>> that explain about setting up mx records etc
>
>
> lol, no thanks I know how to set them up in fact I think you need some
> education.

let me find that guide for dummies on setting up a mail server
i think step 1 was setting up mx records



The point is, that many servers to mx checks because hey guess what?
mail servers are supposed to have mx records pointing at them.

and yes a lot of mail servers will send to a records if they can find no
mx record, but some wont.
and yes lots of mail servers will accept mail without doing any checks
on mx records, but some will.

so why would you setup a domain with no mx records? unless you are lazy
or stupid, or want to take the risk of domains simply dumping messages
from you silenty or simply rejecting it.

i deal with mail server customers everyday that ask why a server is
rejecting mail from them, loads of times the reasons is due to lack of
mx records

anyway if you are having no problems then you have been lucky i guess,
but also remember mail servers often simply vanish messages these days
instead of outright rejecting them so you wouldnt even know if the
server has dont checks on you or not

i can direct you to plenty of infomation on this if you like

>
> Take this domain, note terror is not in any shape or form in the MX
> records.
>
> Terror is the outgoing server, then followed by a MX record lookup for
> the domain,
>
> [thing@kaitan thing]$ nslookup
> > terror.vuw.ac.nz
> Server: 192.168.0.100
> Address: 192.168.0.100#53
>
> Non-authoritative answer:
> Name: terror.vuw.ac.nz
> Address: 130.195.86.21
> > set type=mx
> > vuw.ac.nz
> Server: 192.168.0.100
> Address: 192.168.0.100#53
>
> Non-authoritative answer:
> vuw.ac.nz mail exchanger = 10 logan.vuw.ac.nz.
> vuw.ac.nz mail exchanger = 5 mitre.vuw.ac.nz.
>
> Authoritative answers can be found from:
> vuw.ac.nz nameserver = circa.mcs.vuw.ac.nz.
> vuw.ac.nz nameserver = pubsec.domainz.net.nz.
> vuw.ac.nz nameserver = totara.its.vuw.ac.nz.
> vuw.ac.nz nameserver = downstage.mcs.vuw.ac.nz.
> vuw.ac.nz nameserver = rata.vuw.ac.nz.
> logan.vuw.ac.nz internet address = 130.195.86.22
> mitre.vuw.ac.nz internet address = 130.195.86.116
> circa.mcs.vuw.ac.nz internet address = 130.195.5.12
> pubsec.domainz.net.nz internet address = 202.46.160.4
> totara.its.vuw.ac.nz internet address = 130.195.2.249
> downstage.mcs.vuw.ac.nz internet address = 130.195.6.10
> rata.vuw.ac.nz internet address = 130.195.2.11
>
> >server rata.vuw.ac.nz
> Default server: rata.vuw.ac.nz
> Address: 130.195.2.11#53
> > vuw.ac.nz
> Server: rata.vuw.ac.nz
> Address: 130.195.2.11#53
>
> vuw.ac.nz mail exchanger = 10 logan.vuw.ac.nz.
> vuw.ac.nz mail exchanger = 5 mitre.vuw.ac.nz.
>
> By your reasoning most large mail systems would not work, guess what
> they do.
>
> regards
>
> Thing
>
>
>
>
>


----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= East/West-Coast Server Farms - Total Privacy via Encryption =---

On Sat, 30 Oct 2004 18:07:33 +1300, thing
<> wrote:

>Enkidu wrote:
>>
>> Mail does NOT need an MX record. It can and often does use an A
>> record.
>>
>
>I think from memory that an A record maybe essential, think it says
>somewhere in the bat book, I forget, Ive read so much stuff on SMTP and
>DNS in the last 4 months......
>
Well, yeah, eventually! <grin> An MX record is a type of alias (CNAME
if you like) and *must* refer to another record which *must* be an A
record.

Cheers,

Cliff