le. What also of a domain which has MX record(s) but the hosts
pointed to by those MX records only have records not A records?
Mail from those domains would also be unbouncible if sent to an IPv4
only recipient.
On Sam, 2011-02-26 at 10:51 -0500, David F. Skoll wrote:
[...]
> rfc-ignorant.org is very good at the "Be conservative in what you
> send" part of the Robustness Principle, but no so good at "be liberal
> in what you accept."
The problem with the "be liberal in what you accept" quote is, that
his
On Fre, 2011-02-25 at 09:37 +0100, Giles Coochey wrote:
> On 24/02/2011 21:30, Dominic Benson wrote:
> > On 24 Feb 2011, at 20:01, Michelle Konzack wrote:
> >
> >> Hello Mahmoud Khonji,
> >>
> >> Am 2011-02-23 23:03:46, hacktest Du folgendes herunter:
> >>> A sending mail server should accept ab..
David F. Skoll wrote:
> On Sat, 26 Feb 2011 16:17:28 +0100
> Matus UHLAR - fantomas wrote:
>
> [...]
>
>> ...and we still don't have better standardized and documented way to
>> report abuse, do we?
>
> postmaster@ *has* to be there for sure, so if abuse@ is not, send
> your reports to postmas
On Sat, 26 Feb 2011 16:17:28 +0100
Matus UHLAR - fantomas wrote:
[...]
> ...and we still don't have better standardized and documented way to
> report abuse, do we?
postmaster@ *has* to be there for sure, so if abuse@ is not, send
your reports to postmaster@
I understand what rfc-ignorant.org
> On Fri, 25 Feb 2011 21:55:12 +0100
> Matus UHLAR - fantomas wrote:
> > Incorrect. You must have abuse@addresses iat your domain registration
> > boundary, if you can receive e-mail.
>
> > http://www.rfc-ignorant.org/policy-abuse.php
On 25.02.11 16:04, David F. Skoll wrote:
> That quotes RFC 21
one of the large hosted email providers was listed because they
had their clients use cnames as mx records).
bad dns (where people stop allowing null sender), is iffy. lots of
companies block null sender (and postmaster/mailer-daemon) due to abuse
by sender callouts, so you really can't
David F. Skoll wrote:
> On Fri, 25 Feb 2011 21:55:12 +0100
> Matus UHLAR - fantomas wrote:
>
>> Incorrect. You must have abuse@addresses iat your domain registration
>> boundary, if you can receive e-mail.
>
>> http://www.rfc-ignorant.org/policy-abuse.php
>
> That quotes RFC 2142, which is onl
On Fri, 25 Feb 2011 21:55:12 +0100
Matus UHLAR - fantomas wrote:
> Incorrect. You must have abuse@addresses iat your domain registration
> boundary, if you can receive e-mail.
> http://www.rfc-ignorant.org/policy-abuse.php
That quotes RFC 2142, which is only a proposed standard. rfc-ignorant.o
> Hello Mahmoud Khonji,
>
> Am 2011-02-23 23:03:46, hacktest Du folgendes herunter:
> > A sending mail server should accept ab...@example.com, and number of
On 24.02.11 21:01, Michelle Konzack wrote:
> This is wrong because, only public ISP offering MAILSERVICES must have
> an addresses. The
On 24/02/2011 21:30, Dominic Benson wrote:
On 24 Feb 2011, at 20:01, Michelle Konzack wrote:
Hello Mahmoud Khonji,
Am 2011-02-23 23:03:46, hacktest Du folgendes herunter:
A sending mail server should accept ab...@example.com, and number of
This is wrong because, only public ISP offering MAIL
On 24 Feb 2011, at 20:01, Michelle Konzack wrote:
> Hello Mahmoud Khonji,
>
> Am 2011-02-23 23:03:46, hacktest Du folgendes herunter:
>> A sending mail server should accept ab...@example.com, and number of
>
> This is wrong because, only public ISP offering MAILSERVICES must have
> an addres
Hello Joseph Brennan,
Am 2011-02-24 09:43:24, hacktest Du folgendes herunter:
> I have no sense of how productive this would be. Have you looked up
> a good sample of sender domains and found that spammers are significantly
> less likely to have an MX? That would make it interesting to check.
D
Hello Mahmoud Khonji,
Am 2011-02-23 23:03:46, hacktest Du folgendes herunter:
> A sending mail server should accept ab...@example.com, and number of
This is wrong because, only public ISP offering MAILSERVICES must have
an addresses. The only one required, is the which
is clearly writte in
Multiple comments ...
I just want Spamassassin to check if there is a MX Record in DNS for
the sender.
I have no sense of how productive this would be. Have you looked up
a good sample of sender domains and found that spammers are significantly
less likely to have an MX? That would make it
On Thu, 24 Feb 2011 09:48:21 +0100
Bernd Petrovitsch wrote:
> On Mit, 2011-02-23 at 18:48 +, RW wrote:
> > On Wed, 23 Feb 2011 19:30:20 +0100
> [...]
> > That's true for person to person mail, but there are kinds of mail
> > where loss is inconsequential and no-one is going to read the DSNs
On Thu, 24 Feb 2011 09:49:43 +0100, Bernd Petrovitsch
>> And postmas...@example.com is _required_.
> So all sender-only domains should simply put on rfc-ignorant.org.
not really a fault of rfc-ignorant that it will be disabled default in
upcomming next version of spamassassin, but mx scoreing is
On Mit, 2011-02-23 at 11:08 -0800, John Hardin wrote:
> On Wed, 23 Feb 2011, Mahmoud Khonji wrote:
>
> > It is against best practices to have a send-only domain.
> >
> > A sending mail server should accept ab...@example.com, and number of
> > other IDs according to best practices.
>
> And postma
On Mit, 2011-02-23 at 18:48 +, RW wrote:
> On Wed, 23 Feb 2011 19:30:20 +0100
[...]
> That's true for person to person mail, but there are kinds of mail
> where loss is inconsequential and no-one is going to read the DSNs
> e.g. newsletters.
Sounds like a spammer? SCNR
And that's a dec
On 02/23, Henry | Security Division wrote:
> Being able to detect domains that never accept email offers many
^^^
> Then you will reject Mails from nearly ANY big ISPs because they have
> seperated OUT-BOUND and IN-BOUND servers...
cause they have
> seperated OUT-BOUND and IN-BOUND servers...
>
> Ans OUT-BOUND servers will not receive mails.
>
> Thanks, Greetings and nice Day/Evening
> Michelle Konzack
>
Hi Michelle,
I think you didn?t understand what I want. I don?t want to check if the
sender domai
On Wed, 23 Feb 2011 18:48:51 +
RW wrote:
> That's true for person to person mail, but there are kinds of mail
> where loss is inconsequential and no-one is going to read the DSNs
> e.g. newsletters.
Strongly disagree.
If you're sending newsletters, you'd *darn better* have a bounce-processo
On Wed, 23 Feb 2011 23:03:46 +0400
Mahmoud Khonji wrote:
> However, since many legit senders ignore this, it turns out that FP
> rate is too high for now.
I am unaware of a single FP from our policy of rejecting
MAIL FROM: where example.org lacks MX, A and records.
Do you have an example o
On Wed, 23 Feb 2011, Mahmoud Khonji wrote:
It is against best practices to have a send-only domain.
A sending mail server should accept ab...@example.com, and number of
other IDs according to best practices.
And postmas...@example.com is _required_.
--
John Hardin KA7OHZ
It is against best practices to have a send-only domain.
A sending mail server should accept ab...@example.com, and number of
other IDs according to best practices.
However, since many legit senders ignore this, it turns out that FP
rate is too high for now.
On 2/23/11, Michelle Konzack wrote:
records. Sendmail does that by default.
Blocking simply for a lack of MX records is wrong, however.
[Note: I refer to the domain part of the envelope sender here. It
has nothing to do with the domain name of the machine doing the
sending.]
I agree on all accounts. If one receives a
You are confusing servers with *domains*. It's perfectly acceptable that
an outgoing mail server not accept incoming mail but the issue here is
whether is it is valid for a *domain* to be "send-only".
It's an interesting question. For DSN's to work, you need to accept
email for that domain. But is
AAA records. Sendmail does that by default.
> > Blocking simply for a lack of MX records is wrong, however.
> > [Note: I refer to the domain part of the envelope sender here. It
> > has nothing to do with the domain name of the machine doing the
> > sending.]
>
>
David F. Skoll writes:
> Well... any domain that sends mail must be prepared to receive it
> also, if only to receive DSNs.
> It is routine to block mail from a sending domain if it lacks MX, A and
> records. Sendmail does that by default.
> Blocking simply for a lack of MX r
Hello Henry | Security Division,
Am 2011-02-23 13:50:19, hacktest Du folgendes herunter:
> This is also very interesting, Michael:
>
> (From the RFC link I sent before)
>
> Being able to detect domains that never accept email offers many
> resource savings to an SMTP server. In the first instanc
ain if it lacks MX, A and
records. Sendmail does that by default.
Blocking simply for a lack of MX records is wrong, however.
[Note: I refer to the domain part of the envelope sender here. It has
nothing to do with the domain name of the machine doing the sending.]
Regards,
David.
Hello Henry | Security Division,
Am 2011-02-23 12:59:58, hacktest Du folgendes herunter:
> Hi Martin,
>
> i know what you mean. Your sender domain is gregorie.org. There are
> two MX records in your DNS Zone. So that´s fine. I just want
> Spamassassin to flag mails from senders
Hello Henry | Security Division,
Am 2011-02-23 11:24:27, hacktest Du folgendes herunter:
> I have a question. Is it possible to check with a Spamassassin rule
> for existing MX records of a sender domain and give points if the MX
> records exist or not exist?
The problem, is that a MX
On 02/23, Mark Martinec wrote:
> reject_unknown_sender_domain
>
> Reject the request when Postfix is not final destination for the sender
> address, and the MAIL FROM address has no DNS A or MX record, or when
> it has a malformed MX record such as a record with a zero-length MX
> hostname
On Wed, 23 Feb 2011 08:44:45 -0500, dar...@chaosreigns.com wrote:
On 02/23, Michael Scheidell wrote:
>http://tools.ietf.org/html/draft-delany-nullmx-00
>
read the rfc again. missing mx is not NULL mx.
Also, that's a *draft*, not an accepted standard.
And I'm curious if you are asking the que
Darxus,
> And I'm curious if you are asking the question you mean to. What exactly
> is the way postfix checks this? Specifically, I'm wondering if you're
> referring to reject_unknown_client, which I've used for years, and which
> does not use MX addresses.
>
> I don't know of an option to rej
On 02/23, Michael Scheidell wrote:
> >http://tools.ietf.org/html/draft-delany-nullmx-00
> >
> read the rfc again. missing mx is not NULL mx.
Also, that's a *draft*, not an accepted standard.
And I'm curious if you are asking the question you mean to. What exactly
is the way postfix checks this?
On Wed, 23 Feb 2011 07:44:05 -0500, Michael Scheidell wrote:
On 2/23/11 7:40 AM, Henry | Security Division wrote:
Hi Per,
you are right. I´d just like to check for missing mx records.
Here is a draft RFC about that topic "A NULL MX Resource Record
means
"I never accept ema
On Wed, 2011-02-23 at 12:59 +0100, Henry | Security Division wrote:
> domain gregorie.org -> at least one MX record -> 0 Points
>
Partial FAIL on my part when checking facts for my last message.
I forgot to specify the DNS server used by the host command, so of
course running host from here saw
On Wed, 23 Feb 2011 12:40:21 +, RW wrote:
On Wed, 23 Feb 2011 13:22:22 +0100
Per Jessen wrote:
Henry | Security Division wrote:
> Hi Martin,
>
> i know what you mean. Your sender domain is gregorie.org. There
are
> two MX records in your DNS Zone. So that´s fine.
On 2/23/11 7:40 AM, Henry | Security Division wrote:
Hi Per,
you are right. I´d just like to check for missing mx records.
Here is a draft RFC about that topic "A NULL MX Resource Record means
"I never accept email""
http://tools.ietf.org/html/draft-delany-nullmx-00
(or should) be used, which comes from a
time
before MX records existed... non-existent domain is already a
standard
MTA check anyway...
Yup! And I just want Spamassassin to check for the MX records. Not more
:-). I know that checking for missing MX records is possible wioth
postfix, but postfix
On Wed, 23 Feb 2011 13:22:22 +0100, Per Jessen wrote:
Henry | Security Division wrote:
Hi Martin,
i know what you mean. Your sender domain is gregorie.org. There are
two MX records in your DNS Zone. So that´s fine. I just want
Spamassassin to flag mails from senders who have no MX Records
On Wed, 23 Feb 2011 13:22:22 +0100
Per Jessen wrote:
> Henry | Security Division wrote:
>
> > Hi Martin,
> >
> > i know what you mean. Your sender domain is gregorie.org. There are
> > two MX records in your DNS Zone. So that´s fine. I just want
> > Spa
On 23/02/2011 13:22, Per Jessen wrote:
Henry | Security Division wrote:
The "default" MX is the A-record for the domain.
Quite, not having an MX record does not really mean anything as the A
record for the domain would (or should) be used, which comes from a time
before MX recor
Henry | Security Division wrote:
> Hi Martin,
>
> i know what you mean. Your sender domain is gregorie.org. There are
> two MX records in your DNS Zone. So that´s fine. I just want
> Spamassassin to flag mails from senders who have no MX Records. I
> have tested this anti
Hi Martin,
i know what you mean. Your sender domain is gregorie.org. There are two
MX records in your DNS Zone. So that´s fine. I just want Spamassassin to
flag mails from senders who have no MX Records. I have tested this
anti-spam mechanism in a big environment on a commercial mailgateway
On Wed, 2011-02-23 at 11:24 +0100, Henry | Security Division wrote:
> Hi list,
>
> I have a question. Is it possible to check with a Spamassassin rule for
> existing MX records of a sender domain and give points if the MX records
> exist or not exist?
>
> I know
On Wed, 23 Feb 2011 11:36:57 +0100, Giles Coochey wrote:
On 23/02/2011 11:24, Henry | Security Division wrote:
Hi list,
I have a question. Is it possible to check with a Spamassassin rule
for existing MX records of a sender domain and give points if the MX
records exist or not exist?
I know
On 23/02/2011 11:24, Henry | Security Division wrote:
Hi list,
I have a question. Is it possible to check with a Spamassassin rule
for existing MX records of a sender domain and give points if the MX
records exist or not exist?
I know that such a check is possible with Postfix, but I don´t
Hi list,
I have a question. Is it possible to check with a Spamassassin rule for
existing MX records of a sender domain and give points if the MX records
exist or not exist?
I know that such a check is possible with Postfix, but I don´t want to
reject mails right away. I just want to "
On 8/15/07, Wil Hatfield - HyperConX <[EMAIL PROTECTED]> wrote:
> >
> > This is the biggest problem with "fake" MX records for me. If your
> > primary MX is not available, you will simply lose mail from some
> > senders. It's entirely their "
>
> This is the biggest problem with "fake" MX records for me. If your
> primary MX is not available, you will simply lose mail from some
> senders. It's entirely their "fault" for violating the RFCs but the
> mail is still lost, and it isn't e
better idea about what's working on my servers than you
do. Having fake high and low MX records will get rid of almost all of
your bot spam. It's that easy.
Maybe, if you weren't just trying to troll, you wouldn't ask for what
others "attribute your success to" and
John D. Hardin wrote:
On Wed, 15 Aug 2007, Richard Frovarp wrote:
Michael Scheidell wrote:
Yes, and some systems might not ever send you email (they violate
RFC's)
We've had one issue with this. ... There was on weird mailer that
is being used that doesn't try other MXs. We w
On Wed, 15 Aug 2007, Richard Frovarp wrote:
> Michael Scheidell wrote:
>
> > Yes, and some systems might not ever send you email (they violate
> > RFC's)
>
> We've had one issue with this. ... There was on weird mailer that
> is being used that doesn't try other MXs. We were able to get past
>
On 15 Aug 2007, Marc Perkel uttered the following:
> I'm doing it and I'm not losing email from any senders.
How can you possibly tell? You mean `none of the senders who I may have
lost email from have noticed it and complained, or at least none have
been able to get through to me to complain'.
T
Michael Scheidell wrote:
-Original Message-
From: ram [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 14, 2007 6:07 AM
To: users@spamassassin.apache.org
Subject: fake MX records
http://wiki.apache.org/spamassassin/OtherTricksthis page mentions
setting up fake MXes
Is this
Aaron Wolfe wrote:
On 8/14/07, Michael Scheidell <[EMAIL PROTECTED]> wrote:
-Original Message-
From: ram [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 14, 2007 6:07 AM
To: users@spamassassin.apache.org
Subject: fake MX records
http://wiki.apache.org/spamas
y servers than you
do. Having fake high and low MX records will get rid of almost all of
your bot spam. It's that easy.
Aaron Wolfe wrote:
On 8/14/07, Michael Scheidell <[EMAIL PROTECTED]> wrote:
-Original Message-
From: ram [mailto:[EMAIL PROTECTED]
Sent: Tuesday, August 14, 2007 6:07 AM
To: users@spamassassin.apache.org
Subject: fake MX records
http://wiki.apache.org/spamassassin/Other
On 8/14/07, Michael Scheidell <[EMAIL PROTECTED]> wrote:
>
>
> > -Original Message-
> > From: ram [mailto:[EMAIL PROTECTED]
> > Sent: Tuesday, August 14, 2007 6:07 AM
> > To: users@spamassassin.apache.org
> > Subject: fake MX records
>
Marc Perkel wrote on Tue, 14 Aug 2007 14:52:22 -0700:
> So what do you attribute my success in getting rid of all bot spam to?
As I don't know your setup this would be pure speculation. However, as *I*
am not using fake MXs, but several other MTA techniques and see not much
Botnet spam either I
On 8/14/2007 5:52 PM, Marc Perkel wrote:
Kai Schaetzl wrote:
Marc Perkel wrote on Tue, 14 Aug 2007 07:13:16 -0700:
I'm using it on 1600 domains and it definitely works. I get not bot spam
at all.
I doubt that this is because you have a fake low MX.
Kai
So what do you attribut
Kai Schaetzl wrote:
Marc Perkel wrote on Tue, 14 Aug 2007 07:13:16 -0700:
I'm using it on 1600 domains and it definitely works. I get not bot spam
at all.
I doubt that this is because you have a fake low MX.
Kai
So what do you attribute my success in getting rid of all bot spa
Marc Perkel wrote on Tue, 14 Aug 2007 07:13:16 -0700:
> I'm using it on 1600 domains and it definitely works. I get not bot spam
> at all.
I doubt that this is because you have a fake low MX.
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive
Kshatriya wrote:
On Tue, 14 Aug 2007, ram wrote:
The page says the primary MX should not be accepting connections at all.
Has anyone else tried this , will this cause delay in my mail
It almost doesn't work anymore. Better try adaptive greylisting, with
some whitelists so you don't notice
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Kshatriya schrieb:
> On Tue, 14 Aug 2007, ram wrote:
>
>> The page says the primary MX should not be accepting connections at all.
>> Has anyone else tried this , will this cause delay in my mail
>
> It almost doesn't work anymore. Better try adaptiv
On Tue, 14 Aug 2007, ram wrote:
The page says the primary MX should not be accepting connections at all.
Has anyone else tried this , will this cause delay in my mail
It almost doesn't work anymore. Better try adaptive greylisting, with some
whitelists so you don't notice too much of delays.
> -Original Message-
> From: ram [mailto:[EMAIL PROTECTED]
> Sent: Tuesday, August 14, 2007 6:07 AM
> To: users@spamassassin.apache.org
> Subject: fake MX records
>
>
> http://wiki.apache.org/spamassassin/OtherTricksthis page mentions
> setting up fak
http://wiki.apache.org/spamassassin/OtherTricksthis page mentions
setting up fake MXes
Is this method relevant today too with a lot of spam being relayed
through proper smtp channels
The page says the primary MX should not be accepting connections at all.
Has anyone else tried this , will t
* zaine <[EMAIL PROTECTED]> [2005-02-11 15:34]:
> Hi,
> I have setup spamassassin , and the problem that I am having is that the
> check_mx is 2, and for some or other reason mails are'nt being checked.
> Is there any suggestions ?
Zaine,
your problem isn't related with SpamAssassin?
Please t
Hi,
I have setup spamassassin , and the problem that I am having is that the
check_mx is 2, and for some or other reason mails are'nt being checked.
Is there any suggestions ?
Regards
Zaine
73 matches
Mail list logo
