Re: [mailop] proper NULL MX behaviour for MTAs?
In articleyou write: >Suresh Ramasubramanian wrote: > >> A domain with a null mx may well originate email >If they try to do that they will be sad. RFC 7505 section 4.2 agrees with you. Section 4.1 suggests using status code 550 and extended code 5.7.27 when you reject it. It took more coordination than you might expect to make this match Klensin's RFC 7404 which defines the new status codes for null MX rejections. R's, John ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] proper NULL MX behaviour for MTAs?
Franck Martin via mailopwrote: > > This could be true but then RFC7505 is recent, so I'm not sure that proper > MTAs are yet properly behaving. I wonder what sendmail, postfix, exim > really do? Exim has treated null MXs as invalid since 2004. https://www.ietf.org/mail-archive/web/apps-discuss/current/msg11051.html Tony. -- f.anthony.n.finch http://dotat.at/ Forties, Cromarty, Forth: Southwest 5 to 7, backing south 6 to gale 8, occasionally severe gale 9 later. Slight or moderate, becoming rough or very rough later, occasionally high later in Forties. Rain. Moderate or poor. ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] proper NULL MX behaviour for MTAs?
Suresh Ramasubramanianwrote: > A domain with a null mx may well originate email If they try to do that they will be sad. A lot of MTAs will reject email with a MAIL FROM using a domain that is invalid according to the DNS, and a null MX counts as invalid for this purpose. Tony. -- f.anthony.n.finch http://dotat.at/ Biscay, Southeast Fitzroy: Northerly backing southwesterly 5 to 7. Moderate or rough. Fair. Good. ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] proper NULL MX behaviour for MTAs?
My test with postfix yielded: Status: 5.4.4 Diagnostic-Code: X-Postfix; Name service error for name=abx.ca type=MX: Malformed or unexpected name server reply so at least it hard failed. - mark On 2016-02-28 12:07 AM, John Levine wrote: >> What is an MTA supposed to do with a message addressed to a domain with >> a NULL MX? > > Reject it with a 556 status code and 5.1.10 enhanced status code. If > the message was already relayed, return a DSN if it makes sense. See > section 4.1. > > You can also feel free to reject mail if the return address has a null > MX since you can't reply; in that case it's status 550 and 5.7.27. > >> I'm looking at some logs and seeing attempts to deliver email to lots of >> domains with NULL MX enabled (that have been so for years) and wondering >> if I can safely mine these logs and add all the originating MTA IPs to >> an internal RBL. > > That seems reasonable. Any MTA that tries the A address if you > publish a null MX (that's "domain MX 0 .") is so broken that it > deserves to die if it's not already spamware. There are plenty of > MTAs that will sit on the message for a week hoping the next time they > look up the MX it will be different, but I can't recall seeing any > legitimate MTA for a long time that falls back to A if it finds an MX. > > The RFC is new but the draft was kicking around since 2006, and was > never controversial. > > R's, > John > -- Mark Jeftovic, Founder & CEO, easyDNS Technologies Inc. Company Website: http://easydns.com Read my blog: http://markable.com +1-416-535-8672 ext 225 ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] proper NULL MX behaviour for MTAs?
>What is an MTA supposed to do with a message addressed to a domain with >a NULL MX? Reject it with a 556 status code and 5.1.10 enhanced status code. If the message was already relayed, return a DSN if it makes sense. See section 4.1. You can also feel free to reject mail if the return address has a null MX since you can't reply; in that case it's status 550 and 5.7.27. >I'm looking at some logs and seeing attempts to deliver email to lots of >domains with NULL MX enabled (that have been so for years) and wondering >if I can safely mine these logs and add all the originating MTA IPs to >an internal RBL. That seems reasonable. Any MTA that tries the A address if you publish a null MX (that's "domain MX 0 .") is so broken that it deserves to die if it's not already spamware. There are plenty of MTAs that will sit on the message for a week hoping the next time they look up the MX it will be different, but I can't recall seeing any legitimate MTA for a long time that falls back to A if it finds an MX. The RFC is new but the draft was kicking around since 2006, and was never controversial. R's, John ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] proper NULL MX behaviour for MTAs?
I'm no expert on Exchange ... Only the filtering in our service. It should be checked out. I'll see if I can wave the RFC under some noses... Next week. Aloha, Michael. -- Sent from my Windows Phone From: Suresh Ramasubramanian<mailto:ops.li...@gmail.com> Sent: 2/27/2016 8:12 PM To: Michael Wise<mailto:michael.w...@microsoft.com> Cc: Franck Martin<mailto:fmar...@linkedin.com>; Mark Jeftovic<mailto:mar...@easydns.com>; mailop<mailto:mailop@mailop.org> Subject: Re: [mailop] proper NULL MX behaviour for MTAs? If there's an nxdomain for mx sendmail etc will fall back to the A - not to my knowledge if there's just a servfail No idea about exchange, you should be the expert on that, Mike --srs On 28-Feb-2016, at 9:39 AM, Michael Wise <michael.w...@microsoft.com<mailto:michael.w...@microsoft.com>> wrote: And Exchange. Aloha, Michael. -- Sent from my Windows Phone From: Franck Martin via mailop<mailto:mailop@mailop.org> Sent: 2/27/2016 7:39 PM To: Mark Jeftovic<mailto:mar...@easydns.com> Cc: Suresh Ramasubramanian<mailto:ops.li...@gmail.com>; mailop<mailto:mailop@mailop.org> Subject: Re: [mailop] proper NULL MX behaviour for MTAs? On Sat, Feb 27, 2016 at 7:23 PM, Mark Jeftovic <mar...@easydns.com<mailto:mar...@easydns.com>> wrote: On 2016-02-27 9:59 PM, Suresh Ramasubramanian wrote: > A domain with a null mx may well originate email but will absolutely not > receive email - so mail gets trashed at your end as well without staying > endlessly on your mall queues > > You can possibly correlate that mx with the behavior of domains that are > sending you mail.. Though a domain rather than IP bl may make sense. > Sorry, I realized after I sent that I needed to clarify that what I'm observing are MTAs attempting to deliver email to addresses at IP of the A record for the domain, ignoring the presence of its NULL MX. So the originating MTAs are ignoring the NULL MX and attempting to deliver to the A hostname, leading me to surmise they are spambots or zombies. This could be true but then RFC7505 is recent, so I'm not sure that proper MTAs are yet properly behaving. I wonder what sendmail, postfix, exim really do? ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] proper NULL MX behaviour for MTAs?
And Exchange. Aloha, Michael. -- Sent from my Windows Phone From: Franck Martin via mailop<mailto:mailop@mailop.org> Sent: 2/27/2016 7:39 PM To: Mark Jeftovic<mailto:mar...@easydns.com> Cc: Suresh Ramasubramanian<mailto:ops.li...@gmail.com>; mailop<mailto:mailop@mailop.org> Subject: Re: [mailop] proper NULL MX behaviour for MTAs? On Sat, Feb 27, 2016 at 7:23 PM, Mark Jeftovic <mar...@easydns.com<mailto:mar...@easydns.com>> wrote: On 2016-02-27 9:59 PM, Suresh Ramasubramanian wrote: > A domain with a null mx may well originate email but will absolutely not > receive email - so mail gets trashed at your end as well without staying > endlessly on your mall queues > > You can possibly correlate that mx with the behavior of domains that are > sending you mail.. Though a domain rather than IP bl may make sense. > Sorry, I realized after I sent that I needed to clarify that what I'm observing are MTAs attempting to deliver email to addresses at IP of the A record for the domain, ignoring the presence of its NULL MX. So the originating MTAs are ignoring the NULL MX and attempting to deliver to the A hostname, leading me to surmise they are spambots or zombies. This could be true but then RFC7505 is recent, so I'm not sure that proper MTAs are yet properly behaving. I wonder what sendmail, postfix, exim really do? ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] proper NULL MX behaviour for MTAs?
If a domain is telling me it does not accept emails, why should I accept mail from such domain if I cannot reply back to it? On Sat, Feb 27, 2016 at 6:59 PM, Suresh Ramasubramanianwrote: > A domain with a null mx may well originate email but will absolutely not > receive email - so mail gets trashed at your end as well without staying > endlessly on your mall queues > > You can possibly correlate that mx with the behavior of domains that are > sending you mail.. Though a domain rather than IP bl may make sense. > > --srs > > > On 28-Feb-2016, at 8:07 AM, Mark Jeftovic wrote: > > > > > > What is an MTA supposed to do with a message addressed to a domain with > > a NULL MX? > > > > RFC 7505 talks about domains with a NULL MX should not originate email > > (in their sender envelopes, etc) but what about the converse? > > > > I'm looking at some logs and seeing attempts to deliver email to lots of > > domains with NULL MX enabled (that have been so for years) and wondering > > if I can safely mine these logs and add all the originating MTA IPs to > > an internal RBL. > > > > I think I can. I think I will. > > > > - mark > > > > -- > > Mark Jeftovic, Founder & CEO, easyDNS Technologies Inc. > > Company Website: http://easydns.com > > Read my blog: http://markable.com > > +1-416-535-8672 ext 225 > > > > ___ > > mailop mailing list > > mailop@mailop.org > > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop > > ___ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop > ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] proper NULL MX behaviour for MTAs?
On 2016-02-27 9:59 PM, Suresh Ramasubramanian wrote: > A domain with a null mx may well originate email but will absolutely not > receive email - so mail gets trashed at your end as well without staying > endlessly on your mall queues > > You can possibly correlate that mx with the behavior of domains that are > sending you mail.. Though a domain rather than IP bl may make sense. > Sorry, I realized after I sent that I needed to clarify that what I'm observing are MTAs attempting to deliver email to addresses at IP of the A record for the domain, ignoring the presence of its NULL MX. So the originating MTAs are ignoring the NULL MX and attempting to deliver to the A hostname, leading me to surmise they are spambots or zombies. - mark > --srs > >> On 28-Feb-2016, at 8:07 AM, Mark Jeftovicwrote: >> >> >> What is an MTA supposed to do with a message addressed to a domain with >> a NULL MX? >> >> RFC 7505 talks about domains with a NULL MX should not originate email >> (in their sender envelopes, etc) but what about the converse? >> >> I'm looking at some logs and seeing attempts to deliver email to lots of >> domains with NULL MX enabled (that have been so for years) and wondering >> if I can safely mine these logs and add all the originating MTA IPs to >> an internal RBL. >> >> I think I can. I think I will. >> >> - mark >> >> -- >> Mark Jeftovic, Founder & CEO, easyDNS Technologies Inc. >> Company Website: http://easydns.com >> Read my blog: http://markable.com >> +1-416-535-8672 ext 225 >> >> ___ >> mailop mailing list >> mailop@mailop.org >> https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop -- Mark Jeftovic, Founder & CEO, easyDNS Technologies Inc. Company Website: http://easydns.com Read my blog: http://markable.com +1-416-535-8672 ext 225 ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop
Re: [mailop] proper NULL MX behaviour for MTAs?
A domain with a null mx may well originate email but will absolutely not receive email - so mail gets trashed at your end as well without staying endlessly on your mall queues You can possibly correlate that mx with the behavior of domains that are sending you mail.. Though a domain rather than IP bl may make sense. --srs > On 28-Feb-2016, at 8:07 AM, Mark Jeftovicwrote: > > > What is an MTA supposed to do with a message addressed to a domain with > a NULL MX? > > RFC 7505 talks about domains with a NULL MX should not originate email > (in their sender envelopes, etc) but what about the converse? > > I'm looking at some logs and seeing attempts to deliver email to lots of > domains with NULL MX enabled (that have been so for years) and wondering > if I can safely mine these logs and add all the originating MTA IPs to > an internal RBL. > > I think I can. I think I will. > > - mark > > -- > Mark Jeftovic, Founder & CEO, easyDNS Technologies Inc. > Company Website: http://easydns.com > Read my blog: http://markable.com > +1-416-535-8672 ext 225 > > ___ > mailop mailing list > mailop@mailop.org > https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop ___ mailop mailing list mailop@mailop.org https://chilli.nosignal.org/cgi-bin/mailman/listinfo/mailop