-----Original Message----- From: Sanford Whiteman Sent: Thursday, November 22, 2012 11:55 AM To: imailad...@bcwebhost.net Subject: Re: [Declude.JunkMail] MX, DNS and other weird stuff
[I'm not subscribed using this address, but it's the only one on my mobile. Pls feel free to forward to the list.] This guy's idea that <host> IN MX <host> is incorrect and "will cause issues" should really get him fired if he's the highest-level tech on this. When you want to set up a proper MX record to catch replies to postmas...@mysmtpserver.example.com, you of course do this by setting up such a record. Otherwise the implication would be that you can never receive mail at the same machine that originated it, but have to come up with some fake additional hostname? Ridiculous. Servers have been set up this way since the old days, when it was common to see addresses like u...@host.example.com (as opposed to just @example.com). Likewise, the idea that an intermediate host that is exempt from anti-spoofing measures can't reroute DNS requests is ridic. This is how our egress filters work: a machine listens using a network monitoring port and sends synthesized replies back if a website is in the block list. (The machine isn't a proxy, it's just listening to the switch's mirroring port in promiscuous mode). However, it is true that you have some complexity in your NSs that you need to work out. If you hadn't asked about interception it wouldn't have been my first guess. When you directly query each NS, what do you get? -- S. --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to imail...@declude.com, and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.