Recently, Somebody Somewhere wrote these words
> On Tue, Nov 29, 2005 at 10:42:11AM +0000, Declan Moriarty wrote:
> > Received: from [81.103.221.10] (really [61.173.188.55])
> > by aamta03-winn.ispmail.ntl.com with SMTP
> > id
> > <[EMAIL PROTECTED]
>
> It is very common for a spammer to either pass the hostname of the MX
> record, or the IP of the MX record in an attempt to be trusted.
>
> > Does this mean that NTL are open relays? Or are they just easily
> > fooled?
>
> It would see that your definition of open relay might be skewed. When I
> send an email to [EMAIL PROTECTED], I do not have to be authenticated to
> send mail *to* mail.example.com because the mail server considers itself
> to the the final destination (or at least it is authorized to act as
> such).
>
> Now, let's say you are [EMAIL PROTECTED] and you want to send mail to
> [EMAIL PROTECTED] You are sending mail *through* mail.example.com, not
> *to* it. The mail server is going to pass the baton to a another mail
> server (relay it). Now it wants to know who you, as the sender, are.
> Most ISP's allow your IP to be enough to identify you. If it is an IP
> owned by Example ISP, no authentication configuration is needed. If you
> are travelling, you might need SMTP AUTH, POP before SMTP, or a myriad
> of other methods for the mail server to know who you are before it will
> accept mail from you with a destination other that example.com. If you
> can get around that authentication, or the server doesn't require that
> authentication, then you have an open relay. It openly passes mail
> through it.
>
> Hope that helps!
>
>
Thanks, Archaic. I had 'open relay' about right going by the
above. I'm just flabbergasted that they can be so easily rolled
over with such an emphasis on stopping spam and security these
days.
Spam aside, I have had one email in the last 9 months from ntl.
Esat.net (aka iol.ie) OTOH run spamassassin, dns checks, and a
very tight ship indeed by comparison, and spam is near zero.
--
With best Regards,
Declan Moriarty.
--
http://linuxfromscratch.org/mailman/listinfo/blfs-support
FAQ: http://www.linuxfromscratch.org/blfs/faq.html
Unsubscribe: See the above information page
