It is rumored that on or about 2002-07-11 5:23 PM -0700, Warren
Michelsen wrote as follows:
>At 8:00 PM -0400 07/11/2002, Neil Herber wrote:
>>It is rumored that on or about 2002-07-11 4:40 PM -0700, Warren
>>Michelsen wrote as follows:
>>>
>>>Whether it's "deliver" or "relay", it's a distinction without a
>>>difference. There's no such client on this mail host. Why does it
>>>think that there is?
>>
>>Becuase your ex-client's IP address resolves to your server and is
>>therefore a client!
>
>This is purely speculation, right?
First a correction. I should have said "Becuase your ex-client's
domain name resolves to your server IP address".
Since I don't know any of the internal workings of SIMS, yes it is
speculation, but I think it is very well founded.
If you look at the SIMS documentation here:
http://www.stalker.com/SIMS/AntiSpam.html#Relay
you will see that it says:
>Open the SMTP Service Settings and click the Client Hosts button. A
>dialog box appears and allows you to enter the IP addresses on your
>LAN, as well as IP addresses of other systems that should be allowed
>to use your server as a mail relay. If you are an ISP and your mail
>server is used as a back-up mail server and/or as a forwarding mail
>server for your client systems, enter the IP addresses of your
>client servers in the Client Hosts dialog box.
>
>If you have dial-up users, enter the range of the IP addresses they
>use into the Clients Host dialog box.
>
>Now, when a message is received with the SMTP module via TCP/IP, and
>the sender IP address is not found in the Client Hosts list, the
>message is marked as being received "from a stranger". If this
>message should be relayed by your server to some other host on the
>Internet, and that host is not listed in the list either, the
>message is rejected.
>
>As a result, servers and workstations included into the Client Hosts
>list can use your server to send (relay) messages to anybody on the
>Internet, and any message from the Internet can be relayed to any
>listed address. But any message coming from an unlisted system and
>directed to some other unlisted system will be rejected. This will
>prohibit spammers from using your server as a mail relay.
>
Notice that this is based *purely* on IP numbers - SIMS does not look
at or care what the domain name is.
So my "speculation" is that it does a DNS lookup for
[EMAIL PROTECTED], finds that the IP for "client.from.hell" is
123.123.123.123, compares that to the Client Hosts list (and its own
IP), finds a match and says "legal mail!".
As soon as the rogue DNS entry (which I "speculate" is the entire
cause of your problem) gets taken down, mail directed to
client.from.hell will not even come anywhere near your server because
it won't resolve to 123.123.123.123 any more.
Furthermore, I "speculate" that SIMS has to accept and deliver mail
to and from its own IP or it would not be able to deliver bounce
messages and return receipts - both of which it generates itself.
Warren - put in the router entry and forget these guys!
--
Neil
Neil Herber, RGD
Corporate info at http://www.eton.ca/
Eton Systems, 15 Pinepoint Drive, Nepean, ON, Canada K2H 6B1
Tel: (613) 829-4668
#############################################################
This message is sent to you because you are subscribed to
the mailing list <[EMAIL PROTECTED]>.
To unsubscribe, E-mail to: <[EMAIL PROTECTED]>
To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]>
To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]>
Send administrative queries to <[EMAIL PROTECTED]>
