 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
9 messages in net.sourceforge.lists.courier-users[courier-users] Email hijacking| From | Sent On | Attachments |
|---|---|---|
| tros...@juniper.net | Aug 19, 2003 5:01 pm | |
| Mitch (WebCob) | Aug 19, 2003 9:39 pm | |
| Mark Trostler | Aug 19, 2003 10:57 pm | |
| James A Baker | Aug 19, 2003 11:16 pm | |
| Mitch (WebCob) | Aug 20, 2003 12:44 am | |
| Theo Cabrerizo Diem | Aug 20, 2003 1:29 am | |
| list...@serv.ch | Aug 20, 2003 6:51 am | |
| Mark Trostler | Aug 21, 2003 8:10 pm | |
| Mitch (WebCob) | Aug 21, 2003 8:57 pm |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | [courier-users] Email hijacking | Actions... |
|---|---|---|
| From: | tros...@juniper.net (tros...@juniper.net) | |
| Date: | Aug 19, 2003 5:01:40 pm | |
| List: | net.sourceforge.lists.courier-users | |
After having email addresses in my domains hijacked (both users that exist & those that don't) left, right, and center I can't take it anymore! Is it possible/insane to have esmtpd (& any other MTA) do a reverse DNS check on the MAIL FROM address to ensure that the domain specified there match the domain of the sending machine? I don't care if it takes a couple extra seconds to do that check, endless email hijacking is totally ridiculous & HAS to stop. I'm stick of seeing zillions of bounces from spam emails no one in my domain ever sent. SO someone please tell me what's so horrible about:
1. client connects & sends MAIL FROM address 2. server reverse DNSs the client's IP 3. if the domain doesn't match the domain in the FROM address or the IP is not resolvable the email is rejected
OR
1. client connects & sends MAIL FROM address 2. server DNSs the MX record for the domain in the FROM address 3. if the IP of client does NOT match one of the MX records for that domain the email is rejected. If domains want to allow other machines than their mail servers to be able to send emails using their domain they can add them with a very high MX priority so they never actually get used as a mail server BUT do show as legtimate sources of mail traffic for that domain
of course everyone across the internet would have to do this BUT if they DID then we REALLY cut down on spam - & virtually totally eliminate email hijacking.
Again who really cares about the extra 1 second or so the DNS lookups will take - & of course most likely they're cached locally anyway after the first hit.
Currently our mail infrastructure is setup to first accept and THEN see if there's something wrong with the message - HOWEVER with the tidal wave of spam that now is more numerous than legit email this paradigm needs to be switched: email should first be REJECTED UNLESS there's compelling reasons to be accepted...
Of course these same checks could also be done the 'From:' & 'Reply-To:' headers - which I also think is a good idea but requires more intervention & maybe someone has a problem with looking into the headers BUT with spam being WAY out of control we gotta take more serious steps to stem the tide.
whatcha'll think? Mark