On Tue, Nov 29, 2005 at 10:42:11AM +0000, Declan Moriarty wrote: > Received: from [81.103.221.10] (really [61.173.188.55]) > by aamta03-winn.ispmail.ntl.com with SMTP > id > <[EMAIL PROTECTED]
It is very common for a spammer to either pass the hostname of the MX record, or the IP of the MX record in an attempt to be trusted. > Does this mean that NTL are open relays? Or are they just easily > fooled? It would see that your definition of open relay might be skewed. When I send an email to [EMAIL PROTECTED], I do not have to be authenticated to send mail *to* mail.example.com because the mail server considers itself to the the final destination (or at least it is authorized to act as such). Now, let's say you are [EMAIL PROTECTED] and you want to send mail to [EMAIL PROTECTED] You are sending mail *through* mail.example.com, not *to* it. The mail server is going to pass the baton to a another mail server (relay it). Now it wants to know who you, as the sender, are. Most ISP's allow your IP to be enough to identify you. If it is an IP owned by Example ISP, no authentication configuration is needed. If you are travelling, you might need SMTP AUTH, POP before SMTP, or a myriad of other methods for the mail server to know who you are before it will accept mail from you with a destination other that example.com. If you can get around that authentication, or the server doesn't require that authentication, then you have an open relay. It openly passes mail through it. Hope that helps! -- Archaic Want control, education, and security from your operating system? Hardened Linux From Scratch http://www.linuxfromscratch.org/hlfs -- http://linuxfromscratch.org/mailman/listinfo/blfs-support FAQ: http://www.linuxfromscratch.org/blfs/faq.html Unsubscribe: See the above information page
