lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
From: martin.macok at underground.cz (Martin Mačok)
Subject: Apparently the practice was prevalent

On Tue, Feb 10, 2004 at 08:20:00PM -0000, John.Airey@...b.org.uk wrote:

> >> format of the email you are reading, RFC 822. It's worth pointing
> >> out that anyone who does not have an "open" email relay is in
> >> breach of this RFC
> 
> >Not true.
> 
> At the risk of descending into a playground argument, 'tis true.
> Sections 4.3.2, 6.2.2 and 6.2.6 imply that you have an open relay.

Which RFC ???

> In fact, RFC 2822 which obsoletes RFC 822 doesn't even mention
> relays.

Of course. It also doesn't mention space ships. It's just about
something else. It has not anything to do with "email relaying".

The right one is RFC 2821. See the quote of "Relaying" part from my
previous post.

> Is there any RFC that specifies that open relays are a bad idea?

Do not expect that there is an RFC for every bad idea around ...

> I can't find one.

I can.

RFC 2505         Anti-Spam Recommendations       February 1999

2.1. Restricting unauthorized Mail Relay usage

[..]

   Therefore, the MTA MUST be able to control/refuse such Relay usage.

[..]

            ... MTA MUST be able to authorize Mail Relay usage based on
   a combination of:

   o   "RCPT To:" address (domain).
   o   SMTP_Caller FQDN hostname.
   o   SMTP_Caller IP address.

[..]

Martin Ma?ok

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ