On 2002-03-15 at 11:51 -0700, Christopher Mende wrote:
> Example reject log message:
>
> 2002-03-15 11:24:37 recipients from [1.1.1.1] refused (failed to find host
> name from IP address)
If that's a real example, then you're honestly better off not receiving
the message. And it would be good if you could traceroute to that
address (use "traceroute -n"); if you can reach it, then please submit
the results to your ISP.
1.0.0.0/8 is a reserved netblock. Whilst anyone technically competent
(or merely with point&click tools) can fake UDP packets from any
address, and often these will reach you, establishing a TCP connection
requires that the source address be reachable (unless they're spoofing
the connection, in which case upgrade your OS).
This means that your ISP (or, if they're small, their provider) is
accepting route advertisements for reserved blocks. Which really
shouldn't happen. If they're responsible, then they'll want to know
it's happened.
Unfortunately, some spammers actually have unfiltered BGP connections.
:^( They'll advertise an invalid netblock[1], spew out crap, then
withdraw the advertisement. This can be _hard_ to track down. Better
to simply refuse such routes in the first place.
[1] If they're nice. AFAIK they don't typically hijack an allocated
block. Someone might correct me. It wouldn't surprise me, spammers
sink pretty low.
--
Login incorrect.
Only perfect spellers may
enter this system.