Hi Valeriy,

  Please, please shut this script down immediately until you put
it together properly!

  Here is a transcript of me spamming myself with your script.  Notice
that your script does NO error checking. I transmitted the mail message
from the Internet Partners public mailserver with my Gmail address forged
as the sender's address and your script happily delivered it to my Gmail
address.

  I hope this adequately demonstrates the potential for abuse.  If
not, imagine if I was a malevolent attacker who wanted to fill up
someone's Gmailbox with thousands of "Congratulations from v6net.ru"
mail messages.

  I know we're all excited about IPv6 but the problem is that way too
many people are implementing it without any firewalling, or filtering
or anything.  Please don't think that the spammers are stupid.

Ted

mail# nslookup
> set type=MX
> mail.v6net.ru
Server:         50.198.160.177
Address:        50.198.160.177#53

Non-authoritative answer:
mail.v6net.ru   mail exchanger = 10 ip6.mail.v6net.ru.

Authoritative answers can be found from:
> set type=aaaa
> ip6.mail.v6net.ru
Server:         50.198.160.177
Address:        50.198.160.177#53

Non-authoritative answer:
ip6.mail.v6net.ru       has AAAA address 2a02:5800:0:a::144:10

Authoritative answers can be found from:
> exit
mail# telnet 2a02:5800:0:a::144:10 25
Trying 2a02:5800:0:a::144:10...
Connected to gamma.bestcom.ru.
Escape character is '^]'.
220 gamma.bestcom.ru ESMTP Postfix
HELO mail.ipinc.net
250 gamma.bestcom.ru
MAIL FROM:<[email protected]>
250 2.1.0 Ok
RCPT TO:<[email protected]>
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
From: [email protected]
To: [email protected]
Subject:  Eat Me

eat me
.
250 2.0.0 Ok: queued as DC4AB814175
quit
221 2.0.0 Bye
Connection closed by foreign host.
mail#


On 4/30/2013 12:28 AM, Валерий Солдатов wrote:
Hello,
I wrote a little script-autoresponder, it helps to check delivery of email via 
IPv6.
Simply send an email to [email protected].

If we get it via IPv6, you will receive a confirmation letter with 
congratulations.
If we get it via IPv4, you will receive an error message about non-existing 
domain.
(The MX record for mail.v6net.ru refers only to an AAAA record.)

Tested via gmail - OK
Hope this helps someone.


Valeriy Soldatov, Best Telecom ISP, Russia
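
The missing checks pointed out in the reply above, sketched as an added example (not the original script and not code from either poster): a gate that an autoresponder can call before answering, so that a forged envelope sender gets no reply. All function and variable names, the mx.example.net authserv-id, and the three-per-day limit are assumptions; it also assumes the receiving MTA stamps an Authentication-Results header with its own authserv-id and strips inbound headers that claim that id.

```python
import time
from email import message_from_string
from email.utils import parseaddr

MAX_REPLIES_PER_DAY = 3   # assumed policy limit per envelope sender
_reply_log = {}           # envelope sender -> timestamps of replies already sent

# Constructed sample: the sender address is forged, so our MTA recorded spf=fail.
SAMPLE_FORGED = ("Authentication-Results: mx.example.net; spf=fail "
                 "smtp.mailfrom=victim@example.org\nFrom: victim@example.org\n\nhi\n")

def spf_passed(msg, authserv_id, addr):
    """True if our own MTA (authserv_id) recorded spf=pass for this envelope sender."""
    domain = addr.rsplit("@", 1)[1]
    for header in msg.get_all("Authentication-Results", []):
        fields = [f.split() for f in str(header).lower().split(";")]
        if not fields[0] or fields[0][0] != authserv_id.lower():
            continue  # stamped by some other host (possibly the sender): ignore
        for tokens in fields[1:]:
            if "spf=pass" in tokens and (
                f"smtp.mailfrom={addr}" in tokens or f"smtp.mailfrom={domain}" in tokens
            ):
                return True
    return False

def should_autoreply(envelope_from, raw_message, authserv_id, now=None):
    """Decide whether an autoresponder may answer; returns (allowed, reason)."""
    now = time.time() if now is None else now
    msg = message_from_string(raw_message)
    addr = parseaddr(envelope_from)[1].lower()
    if "@" not in addr:                      # "<>" is a bounce: never answer it
        return False, "null or malformed envelope sender"
    if msg.get("Auto-Submitted", "no").strip().lower() != "no":
        return False, "automatic message"    # RFC 3834: do not answer robots
    if msg.get("List-Id") or msg.get("Precedence", "").strip().lower() in ("bulk", "junk", "list"):
        return False, "bulk or list mail"
    if not spf_passed(msg, authserv_id, addr):
        return False, "envelope sender not authenticated"
    recent = [t for t in _reply_log.get(addr, []) if now - t < 86400]
    if len(recent) >= MAX_REPLIES_PER_DAY:   # caps the volume one address can receive
        return False, "rate limit reached"
    _reply_log[addr] = recent + [now]
    return True, "ok"

if __name__ == "__main__":
    print(should_autoreply("<victim@example.org>", SAMPLE_FORGED, "mx.example.net"))
```

The reply itself should go to the authenticated envelope sender, not to whatever address appears in the From: header.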

