Nicolas MONNET <[EMAIL PROTECTED]> writes on 2 September 1999 at 16:54:52 +0200
> Would'nt it make sense to ask the fine people at the MAPSRBL to explain
> the meaning of their test? And to point to qmail as an example of an MTA
> which will properly bounce back.
They do explain it now.
There are a small number of unusual mail server configurations that
will yield a false positive result ("server susceptible to relay") to
this test. These servers initially accept the test message, but later
take a closer look, detect the relay attempt, and bounce it. They
generally involve configurations such as a dumb firewall proxy that
accepts anything, backed up by a smart mail hub that does all the hard
work. If you are one of the rare folks who has a mail server like
this, you already know it's going to do this, so it shouldn't be a
problem. This web page is not for you. This also means that if you go
probing other people's networks with this form, you may get false
positive results.
(On the "is my mailer vulnerable?" page,
http://maps.vix.com/tsi/ar-test.html, where you run the test from.)
It doesn't specifically mention qmail, but it certainly says enough
to make it clear that failing this test should not be considered
grounds for blocking. The test is clearly intended to help people vet
their own sites. For that purpose, false positives are better than
flase negatives, especially false positives that come with warnings as
these do.
Unfortunately, there is no tool so good and no explanation so clear
that it will not be misused and misunderstood.
--
David Dyer-Bennet ***NOTE ADDRESS CHANGES*** [EMAIL PROTECTED]
http://dd-b.lighthunters.net/ (photos) Minicon: http://www.mnstf.org/minicon
http://www.dd-b.net/dd-b (sf) http://ouroboros.demesne.com/ Ouroboros Bookworms
Join the 20th century before it's too late!
