Sorry to jump in the discussion at a late point. I'm rather new to this
list.
On Thu, Feb 21, 2002 at 09:40:22AM +0000, Philip Hazel wrote:
> Proposal is to reword the final paragraph to read as follows:
>
>    If such a facility is required, it SHOULD instead be done by
>    arranging for the hosts listed in a domain's MX records to return
>    a 554 error response, either on initial connection, or following a
>    RCPT command for an address in a domain for which there is no
>    service.
Care should be taken IMHO to keep the wording RFC 2821 (SMTP) compliant.
RFC 2821 Section 3.1 Session Initiation
already specifies a procedure just for that case (3rd paragraph):
    The SMTP protocol allows a server to formally reject a transaction
    while still allowing the initial connection as follows:
    [ ...]
Maybe a referral to the above mentioned Section would be a good idea?
Also:
    loopback address have been seen in the DNS. This seems to be a
    misguided attempt to specify "no SMTP service for this domain"
    more positively than just refusing connections to the SMTP port.
<SIDENOTE>
From my experience it's more likely that spammers don't have a valid
IP address to point the MX of their domain to. But they need an IP
to pass anti-spam checks, so they use 127.0.0.1 and have the advantage
not to get the bounces back. Btw. I have also seen the use of 0.0.0.0
instead of 127.0.0.1. The impact of 0.0.0.0 on some SMTP daemons is rather
terrible.
</SIDENOTE>
IMHO it would be a good idea to explicitly ban the use of "0.0.0.0"
(haven't found it mentioned in the draft at all) and it probably should
be a MUST NOT.
\Maex
--
SpaceNet AG | Joseph-Dollinger-Bogen 14 | Fon: +49 (89) 32356-0
Research & Development | D-80807 Muenchen | Fax: +49 (89) 32356-299
"The security, stability and reliability of a computer system is reciprocally
proportional to the amount of vacuity between the ears of the admin"
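
An added example, not part of the original message or of the draft under discussion: one way a sending MTA could screen MX target addresses for the loopback and 0.0.0.0 cases mentioned above before attempting delivery. The function names are hypothetical, and the host names and addresses are constructed sample data; no DNS lookups are made.

```python
import ipaddress

# Constructed sample data: MX host name -> addresses it resolved to.
SAMPLE_MX = {
    "mail.example.org": ["192.0.2.25"],
    "mx.loopback.example": ["127.0.0.1"],
    "mx.null.example": ["0.0.0.0"],
    "mx.mixed.example": ["0.0.0.0", "198.51.100.7"],
    "mx6.example": ["::1"],
}


def classify_address(text):
    """Return why an address must not be used for delivery, or None if usable."""
    try:
        addr = ipaddress.ip_address(text)
    except ValueError:
        return "unparseable"
    # Treat IPv4-mapped IPv6 (::ffff:127.0.0.1) as the IPv4 address it wraps.
    mapped = getattr(addr, "ipv4_mapped", None)
    if mapped is not None:
        addr = mapped
    if addr.is_unspecified:      # 0.0.0.0 or ::
        return "unspecified"
    if addr.is_loopback:         # 127.0.0.0/8 or ::1
        return "loopback"
    return None


def usable_targets(mx_map):
    """Split each MX host's addresses into deliverable and rejected ones."""
    result = {}
    for host, addrs in mx_map.items():
        good, bad = [], []
        for a in addrs:
            reason = classify_address(a)
            if reason is None:
                good.append(a)
            else:
                bad.append((a, reason))
        result[host] = {"deliver_to": good, "rejected": bad}
    return result


if __name__ == "__main__":
    for host, verdict in usable_targets(SAMPLE_MX).items():
        print(host, verdict)
```

A host whose "deliver_to" list ends up empty has no usable address, so the message can be failed or deferred by local policy without ever opening a connection to the local machine.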