Re: [Exim] Relay

Top Page
Delete this message
Reply to this message
Author: Wakko Warner
Date:  
To: Tor Slettnes
CC: Rahul, exim-users
Subject: Re: [Exim] Relay
> - when spammer controls the rDNS (in-addr.arpa) zone for the IP
> address from which he is sending you the mail. He will simply create a
> rDNS entry from his IP address to 'pop.rahul.com', for instance. When
> you perform a MX lookup of this name, you'll get your own MX.


IIRC, exim does an rDNS lookup then does another DNS lookup on that name.
If the IP of the connecting host isn't listed in the 2nd lookup, the rDNS is
assumed to be spoofed and not used. So this would be a non-issue. (Unless
I misunderstood what you wrote)

>    - when a lookup of the remote IP address (correctly) yields
> "spammer.biz", but the owner of "spammer.biz" adds an MX record to his
> own domain pointing to "mx.rahul.com".


Oooh =)

--
Lab tests show that use of micro$oft causes cancer in lab animals