Re: [Exim] Columbian Spammer

Top Page
Delete this message
Reply to this message
Author: Wakko Warner
Date:  
To: Giuliano Gavazzi
CC: Matthew Byng-Maddick, exim-users
Subject: Re: [Exim] Columbian Spammer
> >You misconfigure your MX, they send mail where the MX tells them to, you
> >blacklist them. That sounds innocent to me. You're killing the mail of
> >the third party, because of your mistake. Not only that, but you're failing
> >to let them mail your postmaster, because of your mistake.
>
> sorry guys, but I fail to see where exactly the disagreement is. But
> of something I am sure, misconfiguring MX could be a type of DOS
> attack, although a very bland one. By misconfiguring an MX you indeed
> would cause all clients attempting to deliver to the corresponding
> domain to be blacklisted by the server to whom the MX points to, if
> that server implements the automatic blacklisting policy.
> This also points to a possible solution, that is, if someone attempt
> to relay first check the MX, if the MXs point to you log the entry
> (for further action), if the MXs do not point to you, blacklist them.
> More than I care to do (I do not enforce blacklisting based on
> attempts) but perhaps something Matthew would accept.


If someone configured their MX to point to my machine and I have no idea who
these people are, they may get blacklisted by me. However, if the rcpt to
domain is always the same, it would be easy to figure out WHO did the
configuring.

I dislike the @mx (I forget what it was called) in the relay_to_domains for
this reason. But that's just me. I'd rather not unknowningly become
someone's backup MX.

--
Lab tests show that use of micro$oft causes cancer in lab animals