Chris Edwards <chris@???> said, in message
Pine.SOC.4.62.0710101555440.589@???:
> On Wed, 10 Oct 2007, Graeme Fowler wrote:
>
> | Given that you've explained three times now what you're doing, and I
> | still can't see where you're generating your blacklist, I can see a
> flaw | here. If a user sends a message to, for example, a person the
> BBC with a | sender address of auj@???, and the person
> at the BBC | responds, will that mean the BBC's outbound MX farm will
> end up | blacklisted?
>
> Hi,
>
> As you know, Alun's talking about SMTP connections to hosts which are
> not supposed to receive external mail. My reading is there are two
> cases:
>
> - Where the recipient email address corresponds to some host
> under *.aber.ac.uk, then the attempt will simply be rejected
> cleanly with no further penalty.
>
> - Only where the recipient address corresponds to something external
> (ie. a relay attempt) will the connecting IP be added to blacklist,
> to be used by the main MXs etc.
>
> The former case is an innocent mistake, whereas the latter is
> normally malicious.
Like Chris said :-)
Wish I could have put it so plainly...
Of course, the clean rejection is actually cleaner than the
original situation where the BBC's outbound MX farm would have
kept battering at a closed port for a week before bouncing a
timeout message to the sender.
Interestingly the system has just blacklisted JANET's relay
testing system!
Cheers,
Alun.
--
Alun Jones auj@???
Systems Support, (01970) 62 2494
Information Services,
University of Wales, Aberystwyth