On Mon, 4 May 2009, Michael Scheidell wrote:
No, actually, 'exampleBETA.tld' is invalid.
(hint: without real domain names, no one can help you)
I believe my descriptions are sufficiently precise that knowing the actual
domain names is irrelevant. However, you may substitute 'hwcn.org' for
'alpha' and 'torfree.net' for 'beta' if you wish to test any ideas.
It could be any number of things.. Is 'exmapleBETA.tld' an a record for
the dns servers? Are the dns servers a records for the mx records?
You may presume any combination of A records and CNAME records you wish.
All MX records for torfree.net point to 'mail.torfree.net' (beta). So a
spammer (or anyone else) could only end up trying to make an SMTP
connection to *my* (hwcn.org|alpha) mail server by doing something
'stupid' with the tertiary DNS server entry on the registration for
torfree.net - either:
1) Looking up the "A" record for the tertiary, and just using that, or,
2) Making note of the *name* of our domain (hwcn.org) on the tertiary
listing and looking up our MX by name, in *hopes* that it will accept
mail for 'torfree.net'.
As our MX and DNS are the same server, I wouldn't be able to tell the
difference between the two....
Naturally, our server says 'relaying denied', but I see this sort of
'illegal' lookup of an SMTP server as a great honeypot opportunity...
- C
