Folks, http://www.theregister.co.uk/content/6/24544.html
Were they trying to use spamming techniques to compile a list of failing mail servers? And this in breach of DMCA or and hacking legislation? If there were a RFC ilustrating "HELO, RU-AN-OPEN-RELAY, THNX, BYE" , then it might not have gone to court/lawyers. - Paul > Danny, > >>> Spammers use an openrelay SMTP server to post thru. Let's call that >>> machine A. They make their headers appear to be from elsewhere. Let's >>> say that is machine B (it might be real or not). When the mail arrives >>> at machine C (it's desination), that mail server can see evidence of B >>> (clearly), but also information pertaining to A? Or is it that only >>> information from some uplink A connects to is evident? >>> >> >> C should append a line a bit like: >> "received by C[123.123.123.123] from A[432.432.432.432] at 00:00 GMT >> +0000" >> > You mean ... > > B should append a line a bit like: > "received by B[123.123.123.123] from A[432.432.432.432] at 00:00 GMT > +0000" > >>> If C sends a digest (subject of a new RFC) to B of the message through >>> SMTP saying "did you send this?", then there are two possibilities - >>> (1) >>> The answer is "no I did not", or (2) no such mail server. Does A have >>> record of the email? >>> >> >> pretty much not, once its sent or bounced the MTA is glad to get rid and >> reclaim the space. >> >>> If it does, can it determine that it was from the >>> real email user? >>> >> >> Possibly yes depending how tightly it is set up itself to prevent >> relaying, >> more likely no, if A has faked a message from a real user of B it >> would be >> hard to differentiate from a bona fide one. >> > OK, here is a lateral question : How if ServerA receives mail from > ServerB, how does A determine if B is an open-relay type? > > 1) Blacklist (checks IP against table centrally maintained). > 2) Asks it -> Are you open relay? ( reaches back to Server B in > seperate connection, caches yes/no response for last 1000 mail servers) > 3) Other ? > > Of course I'm eluding to (2) being part of the new RFC. > > - Paul > > > > > > -- > To unsubscribe, e-mail: > <mailto:[EMAIL PROTECTED]> > For additional commands, e-mail: > <mailto:[EMAIL PROTECTED]> > > > -- To unsubscribe, e-mail: <mailto:[EMAIL PROTECTED]> For additional commands, e-mail: <mailto:[EMAIL PROTECTED]>
