Jerry, Roadrunner has also started returning mail frm mailserver's whose reverse DNS does not resolve. It seems to be a prevention againt the latest virus/spam attacks.
Dave On Tue, Aug 26, 2003 at 02:40:43PM -0400, Jerry Asher wrote: > Last week, I sent a terribly informative and highly salient message to the > list. And it never showed up. (Which is too bad, because the honorable > David Savimbi, nephew of Jonas tells me his offer has since expired.) > > This week qmail returned it to me, something at aol did not like an IP > Name address lookup. I am thinking this is a reverse DNS lookup, but I am > not sure. > > A few minutes ago, I sent a copy of this post (I did this using a non > gell-man technique) to the list, and I can see it sitting in qmail's queue. > The reason it's there now, is the same as it was seven days ago: > > [EMAIL PROTECTED]>: > Connected to 152.163.216.7 but sender was rejected. > Remote host said: 450 4.7.1 Access temporarily denied. IP name lookup failed > [192.25.138.230] > > I've long posted to this list (as I am sure many of you regret), and my > mailserver has never had the reverse dns pointing to theashergroup. It > hasn't been a problem in the past. Is this a reverse dns check or something > else? > > What's going on, and where? Is it with listserv, or with aol.com's > servers, or with mine? > > Thanks, > > > Jerry > > > > Hi. This is the qmail-send program at moe.theashergroup.com. > I'm afraid I wasn't able to deliver your message to the following addresses. > This is a permanent error; I've given up. Sorry it didn't work out. > > <[EMAIL PROTECTED]>: > Connected to 152.163.216.7 but sender was rejected. > Remote host said: 450 4.7.1 Access temporarily denied. IP name lookup failed > [192.25.138.230] > I'm not going to try again; this message has been in the queue too long. > > --- Below this line is a copy of the message. > > Return-Path: <[EMAIL PROTECTED]> > Received: (qmail 10798 invoked by uid 99); 19 Aug 2003 17:00:37 -0000 > Received: from 68.3.55.171 > (SquirrelMail authenticated user jerry) > by postoffice.theashergroup.com with HTTP; > Tue, 19 Aug 2003 10:00:37 -0700 (MST) > Message-ID: > <[EMAIL PROTECTED]> > In-Reply-To: <[EMAIL PROTECTED]> > References: <[EMAIL PROTECTED]> > <[EMAIL PROTECTED]> > Date: Tue, 19 Aug 2003 10:00:37 -0700 (MST) > Subject: Re: [AOLSERVER] is ns_conn peeraddr spoofable? > From: "Jerry Asher" <[EMAIL PROTECTED]> > To: "AOLserver Discussion" <[EMAIL PROTECTED]> > User-Agent: SquirrelMail/1.4.0 > MIME-Version: 1.0 > Content-Type: text/plain;charset=iso-8859-1 > X-Priority: 3 > Importance: Normal > > > In fact there are four address-filtering rules your router should use: > > - Drop a packet from the WAN with a LAN source address > > - Drop a packet from the WAN without a LAN destination address > > - Drop a packet from the LAN without a LAN source address > > - Drop a packet from the LAN with a LAN destination address > > > > In fact, a day or two ago, I sent an email to various authors of Blaster > articles saying that the DSL and Cable companies should do exactly this on > their routers (and others things they could do) for basic consumer > accounts. This would dramatically reduce many attacks and the reward for > hijacking a machine. It would also make attacks much more easily traced. > > This wouldn't have stopped Blaster, but my basic thesis is that the > Cable/DSL providers have as much blame and arguably more so for providing > a shoddy product as Microsoft. > > Jerry > > > -- > AOLserver - http://www.aolserver.com/ > > To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with > the > body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field > of your email blank. > -- Dave Bauer [EMAIL PROTECTED] http://www.thedesignexperience.org -- AOLserver - http://www.aolserver.com/ To Remove yourself from this list, simply send an email to <[EMAIL PROTECTED]> with the body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject: field of your email blank.
