--On October 14, 2006 1:44:04 AM -0400 [EMAIL PROTECTED] wrote: > On Fri, 13 Oct 2006 22:52:12 CDT, you said: > >> I'm not sure what you mean by "split inbound and outbound", but any >> outbound MX host *should* be listed in DNS. > > Tell you what. Explain what an *OUTBOUND* MX is, and I'll see what I > can do. > > The machine in question is *NOT* listed as an MX, because it is *NOT* a > machine that should be accepting *inbound* mail for the domain. Its > purpose in life is to send mail to off-campus sites. > It appears that what you're missing is that this one "flaw" is not enough to get mail rejected by policyd-weight. Policyd-weight, much like SA, works on cumulative scoring. One "bad" thing isn't going to get your mail rejected. But, in general, spam, viruses, phishing scams, et. al. will not only not be listed as an MX in DNS, they also won't reverse. They also forge the domain. They also lie about the sender domain. They also come from dialups or from known "spammy" servers. So, the *cumulative* effect is that the mail gets rejected.
One "flaw" such as a missing MX record is not going to cause a problem. Paul Schmehl ([EMAIL PROTECTED]) Adjunct Information Security Officer The University of Texas at Dallas http://www.utdallas.edu/ir/security/ The sender believes that this E-mail and any attachments were free of any virus, worm, Trojan horse, and/or malicious code when sent. This message and its attachments could have been infected during transmission. By reading the message and opening any attachments, the recipient accepts full responsibility for taking protective and remedial action about viruses and other defects. The sender's employer is not liable for any loss or damage arising in any way from this message or its attachments.
<<application/ms-tnef>>
------------------------------------------------------------------------------ This List Sponsored by: Black Hat Attend the Black Hat Briefings & Training USA, July 29-August 3 in Las Vegas. World renowned security experts reveal tomorrow's threats today. Free of vendor pitches, the Briefings are designed to be pragmatic regardless of your security environment. Featuring 36 hands-on training courses and 10 conference tracks, networking opportunities with over 2,500 delegates from 40+ nations. http://www.blackhat.com ------------------------------------------------------------------------------
