| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20050620172056.42A3B1EE15@greed.dyndns.org> Date: Mon Jun 20 18:21:07 2005 From: greed at pobox.com (Graham Reed) Subject: Gmail blacklisted by Full-Disclosure Valdis.Kletnieks@...edu writes: > Complain to GMail - it's saying that a 'MAIL FROM:<>' is invalid, when > in fact its the *mandatory* way of sending bounce messages. RFC2821, section 6.1: That may be what the error message from the blacklist claims to say, but that's not what the "evidence" provided on the blacklist's website says: <URL:http://www.rfc-ignorant.org/tools/detail.php?domain=zproxy.gmail.com&su bmitted=1116709803&table=dsn> <postmaster@...oxy.gmail.com>: connect to zproxy.gmail.com[64.233.162.200]: Connection timed out So, of course MAIL FROM:<> fails. MAIL FROM: <validuser@...il.com> will also fail, as will MAIL FROM: <bogususer@...il.com> or MAIL FROM: invalid syntax. A quick check with good ol' telnet confirms that Connection timed out is, indeed, the problem. So it's not that quick a check.... It is entirely possible that these machines are interior to exterior relays; they are not MX nodes. Trying to deliver to these machines rather than the advertised MX seems just... well, prone to failure at best. There is no requirement I'm aware of that an SMTP sender also be an SMTP receiver. If your MTA accepts the message and then finds out it needs to bounce it, you bounce to the address provided in MAIL FROM:. You no longer care about the HELO/EHLO host, and besides, what username would you use on that host anyway? DNSbls are good, but I'm not sure that DNSbl is well-run, though I do approve of its intent.
Powered by blists - more mailing lists