[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: OT: spammers are using my domain again



On Fre, 2004-10-08 at 15:45 -0300, Trevor Smith wrote:
> When I'm at home, and I try to send mail through my haligonian.com
> smtp server (hosted in Quebec, remember), I can not succeed (can't
> recall the error and I'm not home now). 

This means that either the company hosting your domain does not allow
you to relay mail from your home account or your telco filters smtp
connections to foreign servers.

The first is a good thing as it also prevents spammers from connecting
to your hosting provider's mail server and forging messages from your
domain. Some years ago the white house's mailserver did not have this
kind of protection and allowed everyone to almost perfectly fake a mail
from the president.

In the latter case, if your telco does not allow connections to foreign
smtp servers they do not provide full-featured internet access and you
should ask them to cease and desist or change your provider.

> So, if I understand SPF correctly (and I may not), the procedure is to list 
> the (IP) addresses of machines that may be running SMTP servers through which 
> I may ever legitimately send an email.

Correct.

> Now, I have no idea how many of those servers there are or  what their
> addresses are.

Should be easy to figure out using an A query (host -t a $smtpserver).

> UNLESS -- SPF only needs simple records (not IP addresses) like:

You could use ptr type records.

> And what about the reports that Microsoft's patents (pending) make the
> whole system suspect?

They affect Sender-ID which was therefore dropped by IETF's MARID
working group.

Tom

-- 
  T h o m a s   Z e h e t b a u e r   ( TZ251 )
  PGP encrypted mail preferred - KeyID 96FFCB89
      finger thomasz hostmaster org for key

We are tied to the ocean. And we go back to the sea, whether it is to sail or
to watch it we are going back from whence we came. - John F. Kennedy



Attachment: signature.asc
Description: This is a digitally signed message part


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]