Mailing List Archive


Re: tlug: SMTP and junk email [was: How are they doing this? ]



--------------------------------------------------------
tlug note from "Stephen J. Turnbull" <turnbull@example.com>
--------------------------------------------------------
>>>>> "Jim" == Jim Tittsler <jwt@example.com> writes:

    Jim> On Tue, Aug 12, 1997 at 02:07:54PM +0900, Stephen J. Turnbull wrote:

> bash% telnet 127.0.0.1 25 # 25 is the SMTP TCP port
> HELO your.own.domain # some hosts gethostbyaddress, not all
> ... some protocol reply ...
> MAIL FROM: any.old.address@example.com # this may have been
>                                             # forwarded, eg from UUCP,
>                                             # so nobody checks

    Jim> Actually, some sites are checking nowadays.  Try this sending
    Jim> to gol1.gol.com for example.  It fails for at least some
    Jim> "nobody.can.check" values.  (Like my mww.dyn.ml.org machine.)

What happens if you use the result of "host 1.2.3.4"?

I checked, and see what you mean.  I'm not sure this conforms to RFC
1123 which specifically disallows refusing delivery because the HELO
address fails to verify.  Anyway, it doesn't do anything unless the
receiving host proceeds to disallow delivery based on source address,
and it can do that at the TCP level.  Most of the junk mail I see
comes from dynamic IPs at respectable providers; presumably this is
going to pass the test (I have yet to come up with a foolproof regexp
that filters dynamic IP host names and only those; too risky to try).

What really needs to be done, as far as I can see, is to wait until
the "RCPT TO:" and check for several things.  Source routing of course
is to be disallowed, and only transfers from "outside" to "inside" or
anything from "inside" should be allowed.  But mere failure to verify
the HELO or MAIL FROM addresses means that lots of legitimate mail is
going to be refused, especially by these large relays and gateways
whose users could have correspondents anywhere.

Oh well

Steve

-- 
                            Stephen J. Turnbull
Institute of Policy and Planning Sciences                    Yaseppochi-Gumi
University of Tsukuba                      http://turnbull.sk.tsukuba.ac.jp/
Tel: +81 (298) 53-5091;  Fax: 55-3849              turnbull@example.com
Next TLUG meeting is Saturday October 11, 1997
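
The RCPT TO-time policy described in the message above, sketched as an added example that is not part of the original post: reject source-routed recipients, accept anything from an "inside" client, accept "outside" clients only for local recipients, and never consult HELO or MAIL FROM. The networks, domains and function names are constructed for illustration, and the percent-hack and bang-path checks go beyond the RFC 821 `@a,@b:user@c` route syntax.

```python
import ipaddress

# Assumed site configuration (constructed values, not from the original post).
INSIDE_NETS = [ipaddress.ip_network("192.0.2.0/24"), ipaddress.ip_network("127.0.0.0/8")]
LOCAL_DOMAINS = {"example.com", "mail.example.com"}


def is_inside(client_ip):
    """True when the TCP peer address belongs to one of our own networks."""
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in INSIDE_NETS)


def parse_rcpt(line):
    """Return the path inside 'RCPT TO:<path>', or None if the command is malformed."""
    verb, sep, rest = line.strip().partition(":")
    if not sep or verb.strip().upper() != "RCPT TO":
        return None
    path = rest.strip()
    if path.startswith("<") and path.endswith(">"):
        path = path[1:-1]
    return path or None


def has_source_route(path):
    """Detect explicit routing: RFC 821 '@a,@b:user@c', the '%' hack, or a UUCP bang path."""
    if path.startswith("@"):
        return True
    local = path.rpartition("@")[0]
    return "%" in path or "!" in path or "@" in local


def rcpt_decision(client_ip, rcpt_line):
    """Decide at RCPT TO time; HELO and MAIL FROM are deliberately not consulted."""
    path = parse_rcpt(rcpt_line)
    if path is None:
        return (501, "syntax error in RCPT TO")
    if has_source_route(path):
        return (550, "source routing not accepted")
    if is_inside(client_ip):
        return (250, "relay for inside client")
    domain = path.rpartition("@")[2].lower()
    if "@" not in path or domain in LOCAL_DOMAINS:
        return (250, "outside to inside delivery")
    return (550, "relaying denied")
```

The decision keys on the TCP peer address and the recipient only, so mail with an unverifiable HELO or MAIL FROM is still delivered when the recipient is local.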