-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Markus Stumpf writes:
On Thu, Jun 02, 2005 at 12:42:35PM -0700, william(at)elan.net wrote:
First I heard of it, but it would sure explain some things as to why I
still receive on my mail server messages for old domains no longer there
that we're not even relaying for. I never kept any statistics though and
don't think its significant (but maybe its just because those domains have
always had less mail than active ones).
I've seen this on some of our central mailservers, too. IMHO this is
because of stale DNS entries in broken DNS caching software. But I have
always wondered why e.g. mail.space.net is spammed with mails for
@space.net even if it is not in the MX list. This is not because of stale
DNS entries (the MX has never been there).
IMHO spammers think that if a mail.example.com exists and accepts mails
(aka port 25 is connected) but is not the MX it may be a "shielded" weak
server and the official best MX runs antispam and antivirus software but the
hidden mailserver is an easy victim.
aha, that's it, you're right. This is the Postini recommended
configuration, from what I've heard, so that probably explains it.
(handy to know, if you're running into Postini FP'ing on your mail ;)
e.g.:
: jm 358...; dig infoworld.com mx
; <<>> DiG 9.2.4 <<>> infoworld.com mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50691
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 4, ADDITIONAL: 4
;; QUESTION SECTION:
;infoworld.com. IN MX
;; ANSWER SECTION:
infoworld.com. 86400 IN MX 300
infoworld.com.s8b1.psmtp.com.
infoworld.com. 86400 IN MX 400
infoworld.com.s8b2.psmtp.com.
infoworld.com. 86400 IN MX 100
infoworld.com.s8a1.psmtp.com.
infoworld.com. 86400 IN MX 200
infoworld.com.s8a2.psmtp.com.
;; AUTHORITY SECTION:
infoworld.com. 40465 IN NS ns1.infoworld.com.
infoworld.com. 40465 IN NS ns1.infoworldtestcenter.com.
infoworld.com. 40465 IN NS ns2.infoworld.com.
infoworld.com. 40465 IN NS ns3.infoworld.com.
;; ADDITIONAL SECTION:
ns1.infoworld.com. 20056 IN A 64.95.97.72
ns1.infoworldtestcenter.com. 98495 IN A 207.217.205.3
ns2.infoworld.com. 32907 IN A 206.14.107.138
ns3.infoworld.com. 32907 IN A 206.14.107.135
;; Query time: 31 msec
;; SERVER: 204.127.198.19#53(204.127.198.19)
;; WHEN: Thu Jun 2 17:34:44 2005
;; MSG SIZE rcvd: 346
: exit=0 Thu Jun 2 17:34:44 PDT 2005; cd /home/jm/ftp/spamassassin/t
: jm 359...; telnet mail.infoworld.com 25
Trying 64.95.97.93...
Connected to mail1.infoworld.com.
Escape character is '^]'.
220 mail1.infoworld.com ESMTP Postfix (Debian/GNU)
^]
telnet> q
Connection closed.
- --j.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
Comment: Exmh CVS
iD8DBQFCn6XlMJF5cimLx9ARArn5AJ0Qx3vOsoy4UxzvhNuGXB7w+bkImwCeO6Yn
ze2n9vq6shYbBZJdS6U3W3E=
=hKzG
-----END PGP SIGNATURE-----
_______________________________________________
Asrg mailing list
Asrg(_at_)ietf(_dot_)org
https://www1.ietf.org/mailman/listinfo/asrg