Centuries ago, Nostradamus predicted that GrayHat would write on Mon Feb 23
10:39:10 2009:
>
> let's see...
>
> dig capitalone.com MX
>
> ;; QUESTION SECTION:
> ;capitalone.com. IN MX
>
> ;; ANSWER SECTION:
> capitalone.com. 3600 IN MX 10 iron01.capitalone.com.
>
> ......................................................................
>
> ;; ADDITIONAL SECTION:
> iron01.capitalone.com. 3600 IN A 199.244.214.76
>
> ......................................................................
>
> ok.. now let's check one of the MX IPs on senderbase...
>
> dig 76.214.244.199.test.senderbase.org. TXT
>
> ;; QUESTION SECTION:
> ;76.214.244.199.test.senderbase.org. IN TXT
>
> ;; ANSWER SECTION:
> 76.214.244.199.test.senderbase.org. 20220 IN TXT "0-0=1|1=Capital One
> Financial|2=3.8|3=4.7|4=701310|5=CommercialBanks|6=1097799144|7=4|8=1544|9=1|10=Y|20=iron01.|21=capitalone.com|22=Y|23=3.8|24=4.7|25=1049184000|41=1.6|43=1.2|440.25|45N|46=21|48=24|49=1.00|50=Richmond|51=VA|53=US|54=-77.4801|"
> 76.214.244.199.test.senderbase.org. 20220 IN TXT "1-55=37.5409"
>
> ok, the bank has its own mail services and isn't using 3rd party ones so all
> you'll need to do will be adding "Capital One Financial" to your senderbase
> whitelist, removing @email.capitalone.com from the whitelist and then adding
> the capitalone.com domain to the "SPF strict" domains
>
Perhaps there is something that I am failing to understand, but I
don't see how this is safe. The MX servers are the machines to which
your mail to the company should be directed. All you've proven is
that the MX servers belong to the company. But that does not mean
that all legitimate mail coming from the company must be funneled thru
its MX servers. The MX servers receive the mail that you send them;
the mail that they send you could legitimately come from any computer
belonging to the company. Doesn't the above technique risk discarding
legitimate mail? If not, please explain what I am failing to understand.
Jay F. Shachter
6424 N Whipple St
Chicago IL 60645-4111
(1-773)7613784
[email protected]
http://m5.chicago.il.us
"Quidquid latine dictum sit, altum videtur"
------------------------------------------------------------------------------
Open Source Business Conference (OSBC), March 24-25, 2009, San Francisco, CA
-OSBC tackles the biggest issue in open source: Open Sourcing the Enterprise
-Strategies to boost innovation and cut costs with open source participation
-Receive a $600 discount off the registration fee with the source code: SFAD
http://p.sf.net/sfu/XcvMzF8H
_______________________________________________
Assp-user mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/assp-user
