Velocity Reviews - Computer Hardware Reviews

Velocity Reviews > Newsgroups > Computing > NZ Computing > 101 reasons not to use your real email addy in nz newsgroups

Reply
Thread Tools

101 reasons not to use your real email addy in nz newsgroups

 
 
Enkidu
Guest
Posts: n/a
 
      10-30-2004
On Fri, 29 Oct 2004 23:48:18 +1300, steve <(E-Mail Removed)>
wrote:

>thing wrote:
>
>> If your email address
>>> was munged, how did you get the log - is thing.dyndns.org a real
>>> domain?

>>
>> yes, but the user does not exist, so it bounces back as a non-existant
>> user. That is a sample from my mail server logs, I set it as a spam trap.

>
>
>My LogWatch - for 24 hours - shows:
>
>Unknown local users: Total: 122
>Relay attempts from known spammers: Total: 93
>Rejected incoming mail (my criteria): Total: 38
>
>(a couple of other types not included here) Total: 4
>
>Summary: Total Mail Rejected: 256
>

Only 256? You must have been down for, what, about 16 hours?

Cheers,

Cliff
 
Reply With Quote
 
 
 
 
Hmmm
Guest
Posts: n/a
 
      10-30-2004
Enkidu wrote:
> On Fri, 29 Oct 2004 14:04:05 +1300, Hmmm <(E-Mail Removed)> wrote:
>
>
>>Sue Bilstein wrote:
>>
>>>On Fri, 29 Oct 2004 06:50:58 +1300, thing
>>><(E-Mail Removed)> wrote:
>>>
>>>
>>>
>>>>Oct 29 06:30:17 katrina sm-mta[3246]: i9SHUGPO003246:
>>>><(E-Mail Removed)>. .. User unknown
>>>>Oct 29 06:30:17 katrina sm-mta[3246]: i9SHUGPO003246:
>>>>from=<(E-Mail Removed)>, size=0, class=0, nrcpts=0, proto=SMTP,
>>>>daemon=MTA, relay=bigbird.whtech.com [64.125.72.2]
>>>>
>>>>
>>>>Oct 29 06:41:04 katrina sm-mta[3277]: i9SHf3PO003277:
>>>><(E-Mail Removed)>. .. User unknown
>>>>Oct 29 06:41:04 katrina sm-mta[3277]: i9SHf3PO003277:
>>>>from=<(E-Mail Removed)>, size=0, class=0, nrcpts=0, proto=SMTP,
>>>>daemon=MTA, relay=bigbird.whtech.com [64.125.72.2]
>>>
>>>
>>>Excuse my ignorance, but what do the logs show? Is this somebody
>>>trying to attack your computer, or to spam you? If your email address
>>>was munged, how did you get the log - is thing.dyndns.org a real
>>>domain?

>>
>>try doing a nslookup on thing.dyndns.org
>>
>>Non-authoritative answer:
>>Name: thing.dyndns.org
>>Address: 203.96.144.72
>>
>>Although the domain has no MX records so mail servers should not be
>>sending to it anyway. The logs simply show someone trying to deliver an
>>email to that address, not much to it really, obviously the person is
>>running the server or has access to the logs.
>>

>
> Mail does NOT need an MX record. It can and often does use an A
> record.
>
> Cheers,
>
> Cliff


yep i said "should not" NOT "must not" big difference.
Any responsible mail server admin would setup mx records as its a fact
that there are mail servers out there that do not accept mail from
servers without mx records, so by not setting up mx records you are
risking mail silenty being vanished or simply rejected.


----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= East/West-Coast Server Farms - Total Privacy via Encryption =---
 
Reply With Quote
 
 
 
 
thing
Guest
Posts: n/a
 
      10-30-2004
Hmmm wrote:

8><---

>
> The point is, that many servers to mx checks because hey guess what?
> mail servers are supposed to have mx records pointing at them.


Only incoming, outgoing do not.

> and yes a lot of mail servers will send to a records if they can find no
> mx record, but some wont.
> and yes lots of mail servers will accept mail without doing any checks
> on mx records, but some will.


Given the info below, how will looking up a MX record help? the mail
comes out from terror, which has no MX record pointing to it. So if I
was spoofing within that B class and sending spam, an MX record does what?

My home situation is comparible to the domain, no MX record exists. Any
DNS query points to that one IP so it resolves.

We could argue this all day, lets just agree to disagree.

regards

Thing

>>
>> [thing@kaitan thing]$ nslookup
>> > terror.vuw.ac.nz

>> Server: 192.168.0.100
>> Address: 192.168.0.100#53
>>
>> Non-authoritative answer:
>> Name: terror.vuw.ac.nz
>> Address: 130.195.86.21
>> > set type=mx
>> > vuw.ac.nz

>> Server: 192.168.0.100
>> Address: 192.168.0.100#53
>>
>> Non-authoritative answer:
>> vuw.ac.nz mail exchanger = 10 logan.vuw.ac.nz.
>> vuw.ac.nz mail exchanger = 5 mitre.vuw.ac.nz.
>>
>> Authoritative answers can be found from:
>> vuw.ac.nz nameserver = circa.mcs.vuw.ac.nz.
>> vuw.ac.nz nameserver = pubsec.domainz.net.nz.
>> vuw.ac.nz nameserver = totara.its.vuw.ac.nz.
>> vuw.ac.nz nameserver = downstage.mcs.vuw.ac.nz.
>> vuw.ac.nz nameserver = rata.vuw.ac.nz.
>> logan.vuw.ac.nz internet address = 130.195.86.22
>> mitre.vuw.ac.nz internet address = 130.195.86.116
>> circa.mcs.vuw.ac.nz internet address = 130.195.5.12
>> pubsec.domainz.net.nz internet address = 202.46.160.4
>> totara.its.vuw.ac.nz internet address = 130.195.2.249
>> downstage.mcs.vuw.ac.nz internet address = 130.195.6.10
>> rata.vuw.ac.nz internet address = 130.195.2.11
>>
>> >server rata.vuw.ac.nz

>> Default server: rata.vuw.ac.nz
>> Address: 130.195.2.11#53
>> > vuw.ac.nz

>> Server: rata.vuw.ac.nz
>> Address: 130.195.2.11#53
>>
>> vuw.ac.nz mail exchanger = 10 logan.vuw.ac.nz.
>> vuw.ac.nz mail exchanger = 5 mitre.vuw.ac.nz.
>>
>> By your reasoning most large mail systems would not work, guess what
>> they do.
>>
>> regards
>>
>> Thing
>>
>>
>>
>>
>>

>
>
> ----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet
> News==----
> http://www.newsfeeds.com The #1 Newsgroup Service in the World! >100,000
> Newsgroups
> ---= East/West-Coast Server Farms - Total Privacy via Encryption =---


 
Reply With Quote
 
Hmmm
Guest
Posts: n/a
 
      10-30-2004
<snip>
>
> Proof in your statement? conjecture, that I believe does not stand up to
> fact, I can send to gmail, yahoo, msn and hotmail without issue. I have
> yet to see or hear of such a problem elsewhere as well. I work as a sys
> admin with mail servers sending and receiving in excess of a million
> emails a month so my experience does not agree with your assessment.
>
> Most servers do not care what they send TO, more are concerned with what
> they receive FROM. Problem is scale, there are rbl services that you can
> subscribe to to block cable and adsl modem pools, but by default I do
> not think many do, a greylist is more effective and workable IMHO (see
> below).

<snip>

Greylisting is an interesting idea but I don't like it for these reasons

1) it goes against the recommendations of the smtp rfc
2) I deal with many customers that have servers that deal with 1
million+ messages per day, because these servers are dealing with such
high loads they also have long intervals for retry times. Now I don't
know about you, but I use email because its fast, if i send a message I
want it delivered in a matter of seconds or minutes at most. These
servers that deal in huge amounts can have retry times of 2 hours or 4
hours. So if they connect to a server grey listing they might not try
and send the message again for 4 hours.

if I was on a mail server that was deliberately delaying my mail by
temporarily rejecting my message I would be annoyed

From the experiences of people running mail servers that I have talked
to they had greylisting on but turned it off after complaints from their
customers that mail was taking too long to get to them etc.

I personally think spf and challenge/response tied together is the best
way to go.


----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= East/West-Coast Server Farms - Total Privacy via Encryption =---
 
Reply With Quote
 
Bok
Guest
Posts: n/a
 
      10-30-2004
Hmmm wrote:
> yep i said "should not" NOT "must not" big difference.
> Any responsible mail server admin would setup mx records as its a fact
> that there are mail servers out there that do not accept mail from
> servers without mx records, so by not setting up mx records you are
> risking mail silenty being vanished or simply rejected.
>


It appears to me you will reject valid senders, if you require the
sender to have a valid MX record in addition to an A, especially for
mail sent from organisations with separate sending and recieving
mail-servers.

Can you point as at the RFC that requires the sender address to have a
valid MX record? Here is an example, note the use of 'or' not 'and' [1]


[1] RFC 1123, section 5.2.2 says:
5.2.2 Canonicalization: RFC-821 Section 3.1
"The domain names that a Sender-SMTP sends in MAIL and RCPT
commands MUST have been "canonicalized," i.e., they must be
fully-qualified principal names or domain literals, not
nicknames or domain abbreviations. A canonicalized name either
identifies a host directly or is an MX name; it cannot be a CNAME."


 
Reply With Quote
 
Hmmm
Guest
Posts: n/a
 
      10-30-2004
Bok wrote:
> Hmmm wrote:
>
>> yep i said "should not" NOT "must not" big difference.
>> Any responsible mail server admin would setup mx records as its a fact
>> that there are mail servers out there that do not accept mail from
>> servers without mx records, so by not setting up mx records you are
>> risking mail silenty being vanished or simply rejected.
>>

>
> It appears to me you will reject valid senders, if you require the
> sender to have a valid MX record in addition to an A, especially for
> mail sent from organisations with separate sending and recieving
> mail-servers.
>
> Can you point as at the RFC that requires the sender address to have a
> valid MX record? Here is an example, note the use of 'or' not 'and' [1]


You did not read, I never said requires, in fact I just hilighted that
in the message you replied to, the first line of what i wrote clearly
spelled that out or at least I thought it did.

I was just merely pointing out that ye there are servers that do this,
so its a wise idea to setup mx records so that you dont risk mail being
rejected. You have nothing to lose by having an mx record and all to gain.


>
>
> [1] RFC 1123, section 5.2.2 says:
> 5.2.2 Canonicalization: RFC-821 Section 3.1
> "The domain names that a Sender-SMTP sends in MAIL and RCPT
> commands MUST have been "canonicalized," i.e., they must be
> fully-qualified principal names or domain literals, not
> nicknames or domain abbreviations. A canonicalized name either
> identifies a host directly or is an MX name; it cannot be a CNAME."
>
>



----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= East/West-Coast Server Farms - Total Privacy via Encryption =---
 
Reply With Quote
 
Bok
Guest
Posts: n/a
 
      10-30-2004
Hmmm wrote:
> Bok wrote:
>> It appears to me you will reject valid senders, if you require the
>> sender to have a valid MX record in addition to an A, especially for
>> mail sent from organisations with separate sending and recieving
>> mail-servers.
>>
>> Can you point as at the RFC that requires the sender address to have a
>> valid MX record? Here is an example, note the use of 'or' not 'and' [1]

>
> You did not read, I never said requires, in fact I just hilighted that
> in the message you replied to, the first line of what i wrote clearly
> spelled that out or at least I thought it did.


MX records identify routes for incoming mail for a domain, NOT hosts
that can send mail. An MX records will only identify a sending MTA if it
is one that also recieves mail. Is there an RFC that says a sending
MTA's host *SHOULD* have an MX record? I can't find one.

> I was just merely pointing out that ye there are servers that do this,
> so its a wise idea to setup mx records so that you dont risk mail being
> rejected.


I was replying to your statement:
"its a fact that there are mail servers out there that do not accept
mail from servers without mx records"

While it may be the case that they do, that doesn't mean they are
correct. I don't agree that organisations *should* configure their DNS
to suit misconfigured MTAs.

> You have nothing to lose by having an mx record and all to gain.


You do when you don't want incoming mail directed at your outbound only MTA.













 
Reply With Quote
 
Hmmm
Guest
Posts: n/a
 
      10-31-2004
Bok wrote:
> Hmmm wrote:
>
>> Bok wrote:
>>
>>> It appears to me you will reject valid senders, if you require the
>>> sender to have a valid MX record in addition to an A, especially for
>>> mail sent from organisations with separate sending and recieving
>>> mail-servers.
>>>
>>> Can you point as at the RFC that requires the sender address to have
>>> a valid MX record? Here is an example, note the use of 'or' not 'and'
>>> [1]

>>
>>
>> You did not read, I never said requires, in fact I just hilighted that
>> in the message you replied to, the first line of what i wrote clearly
>> spelled that out or at least I thought it did.

>
>
> MX records identify routes for incoming mail for a domain, NOT hosts
> that can send mail. An MX records will only identify a sending MTA if it
> is one that also recieves mail. Is there an RFC that says a sending
> MTA's host *SHOULD* have an MX record? I can't find one.


Correct MX records are for indentifying incoming mail servers.
If you looked at the start of this thread that is what we were talking
about i cant even remember now what the domain was called, but the
domain didn't have mx records and i was merely saying that a domain with
no mx records is a bad thing.
I wasnt saying that a sending mta's host should have an mx record, i was
saying a domain should have an mx record, maybe i didnt make that point
clear, if a domain sends to me i will check it has a valid mx record as
do other servers, if it doesnt i will deny it, as will others.

>
>> I was just merely pointing out that ye there are servers that do this,
>> so its a wise idea to setup mx records so that you dont risk mail
>> being rejected.

>
>
> I was replying to your statement:
> "its a fact that there are mail servers out there that do not accept
> mail from servers without mx records"
>
> While it may be the case that they do, that doesn't mean they are
> correct. I don't agree that organisations *should* configure their DNS
> to suit misconfigured MTAs.


adding mx records for a domain i dont really think is misconfiguring
them, but if you think that then thats your opinion.


>
> > You have nothing to lose by having an mx record and all to gain.

>
> You do when you don't want incoming mail directed at your outbound only
> MTA.


above.

anyway this thread is thrashed and going nowhere, obviously everyone has
differnt opinions , take it easy



>
>
>
>
>
>
>
>
>
>
>
>
>




----== Posted via Newsfeeds.Com - Unlimited-Uncensored-Secure Usenet News==----
http://www.newsfeeds.com The #1 Newsgroup Service in the World! >100,000 Newsgroups
---= East/West-Coast Server Farms - Total Privacy via Encryption =---
 
Reply With Quote
 
Bok
Guest
Posts: n/a
 
      10-31-2004
Hmmm wrote:
> Bok wrote:
>> I was replying to your statement:
>> "its a fact that there are mail servers out there that do not accept
>> mail from servers without mx records"
>>
>> While it may be the case that they do, that doesn't mean they are
>> correct. I don't agree that organisations *should* configure their DNS
>> to suit misconfigured MTAs.


> adding mx records for a domain i dont really think is misconfiguring
> them, but if you think that then thats your opinion.


Now you are putting words into my mouth. I haven't said anywhere that a
domain shoud not have MX records.

In the above, I refered to 'misconfigured MTAs' - specifically MTAs that
reject mail from a sender address with no MX record.

For the record, I employ a range of UCE controls on our postfix MTA,
including: reject_unknown_sender_domain

documented to : "Reject the request when the sender mail address has no
DNS A or MX record"

The two domains I look after both have at least two MX records.

> anyway this thread is thrashed and going nowhere, obviously everyone has
> differnt opinions , take it easy


you are right and take care!


 
Reply With Quote
 
 
 
Reply

Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
copying contents of billing addy to shipping addy libsfan01 Javascript 4 06-16-2006 04:03 PM
email addy from a web site Lookout Computer Support 3 12-17-2005 04:00 PM
Drew Barrymore addy/address (both snail and email) Quean Computer Support 8 01-17-2005 03:58 AM
Email addy mungeing °Mike° Computer Support 8 07-23-2004 08:41 PM
25 Reasons to Aviod the SD-10 (was 15 Reasons to Aviod the SD-10) Steven M. Scharf Digital Photography 823 07-02-2004 12:55 PM



Advertisments