At 12:28 PM -0700 9/16/03, Global Homes Webmaster wrote: >On 09/16/03 at 15:13 -0400, Aron Spencer opined: > >> Block "64.94.110.11" for now... until they change it... > >And that accomplishes what, exactly? Your mail server won't (shouldn't) be >getting connections from 64.94.110.11, so blacklisting it doesn't do any >good. As Bill pointed out, SIMS doesn't check whether or not the address >that a Return-Path resolves to is blacklisted. It just looks to see if >there's an A record for it (any A record). Since there is now an A record >for ALL com and net domains, any bogus com or net return-path will pass the >'Verify Return-Paths' test. Blacklisting 64.94.110.11 doesn't fix that.
So I went to the manual to see what this would do. http://www.stalker.com/mac/SIMS/AntiSpam.html#MailFrom > >When the Verify Return-Path option is selected in the SMTP Service >Settings, the SMTP module parses the message Return-Path (Mail From) >addresses, and the module refuses to receive a message if: > >* the Return-Path domain name is an empty string (no domain specified); >* the Return-Path address is routed (via the Server Router) to the ERROR >address; >* the Domain Name System does not have neither MX nor A records for the >Return-Path domain (an unregistered domain); >* the Domain Name System has an MX record for the Return-Path domain, but >it points to an A-record that does not exist (a faked domain); >* the A-record or the the highest-priority MX record for the Return-Path >domain points onto an IP address included in the Black List; >* the Return-Path domain name is specified as an IP address, and that >address is not included into the Client Hosts list. It looks like bullet points 3 and 4 are no longer worthwhile, but 5 will make Aron's suggestion worthwhile as long as we know what Verisign will return. Can anyone verify that it does what I think it says? Effectively, this is not unlike a RBL. You do a lookup and if it returns a particular IP and that IP is in the blacklist, the site is blocked. -- Michael Croft http://www.whiterose.org/michael SAM: It's 106 miles to the Crack of Doom. We've got a magic ring, two daggers, it's dark, and we're wearing sunglasses FRODO: Hit it. ############################################################# This message is sent to you because you are subscribed to the mailing list <[EMAIL PROTECTED]>. To unsubscribe, E-mail to: <[EMAIL PROTECTED]> To switch to the DIGEST mode, E-mail to <[EMAIL PROTECTED]> To switch to the INDEX mode, E-mail to <[EMAIL PROTECTED]> Send administrative queries to <[EMAIL PROTECTED]>
