On Thu, 9 Dec 2010, Karsten Br?ckelmann wrote:
On Thu, 2010-12-09 at 14:43 -0800, John Hardin wrote:
It appears that a client can easily set up hosting using cPanel or
something without ever setting the rDNS or hostname to anything other
than the numeric default.
Is there anything in the headers that indicates cpanel is in use? Perhaps
a meta on cpanel
Proof a mail system has been set up and is being maintained by clicking
through a simple UI system. Strong hint the operator doesn't know much
about such systems, and likely not about properly securing auth either.
+ dynamic-looking-rDNS would be worth a negative point or two...
Plus proof the operator indeed doesn't know, or doesn't care. You think
that's worth a negative score?
Probably not. Just throwing ideas out.
--
John Hardin KA7OHZ http://www.impsec.org/~jhardin/
jhar...@impsec.org FALaholic #11174 pgpk -a jhar...@impsec.org
key: 0xB8732E79 -- 2D8C 34F4 6411 F507 136C AF76 D822 E6E6 B873 2E79
-----------------------------------------------------------------------
You cannot bring about prosperity by discouraging thrift. You
cannot help small men by tearing down big men. You cannot
strengthen the weak by weakening the strong. You cannot lift the
wage-earner by pulling down the wage-payer. You cannot help the
poor man by destroying the rich. You cannot keep out of trouble by
spending more than your income. You cannot further the brotherhood
of man by inciting class hatred. You cannot establish security on
borrowed money. You cannot build character and courage by taking
away men's initiative and independence. You cannot help men
permanently by doing for them what they could and should do for
themselves. -- William J. H. Boetcker
-----------------------------------------------------------------------
6 days until Bill of Rights day
