On Thu, 12 Feb 2009, Ned Slider wrote:
John Hardin wrote:
On Wed, 11 Feb 2009, Ned Slider wrote:
> If every server used Postfix in it's default configuration then
> backscatter wouldn't exist.
Question: if a relay MTA accepts a forged-sender message for another
domain, attempts to deliver it, gets an SMTP 5xx hardfail for unknown
recipient, and attempts to deliver a DSN to the (forged) sender, do you
consider that backscatter?
Yes, that's backscatter.
Good question. Firstly no MTA should be set up to act as an open relay
by default
Agreed.
How often is relay filtering based solely on IP address or authentication,
though? How often is sender-address egress filtering performed on
authenticated SMTP sessions, vs. just saying "You're authenticated? Yeah,
we'll relay whatever you want!"
Note, I don't see a _lot_ of that type of backscatter, but I _do_ see it.
therefore any relay functions must have been specifically configured by
the mail admin. My understanding is that best practice should always be
to maintain a list of valid relay recipients for domains you relay mail
to
Huh? My mail server relays messages from my home network to the entire
world. I'm not talking about custom relays.
ITYM "relay _for_".
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
End users want eye candy and the "ooo's and aaaahhh's" experience
when reading mail. To them email isn't a tool, but an entertainment
form. -- Steve Lake
-----------------------------------------------------------------------
Tomorrow: Abraham Lincoln's and Charles Darwin's 200th Birthdays
