[Esd-l] smashing unknowns
simon at paxonet.com
Tue Jul 30 10:00:01 PDT 2002
I don't think this is a case of poorly configured MTAs, rather it is simply
that their IP address does not resolve to a name (no PTR record for the IP
address). This can only be fixed by the owner of the IP address range.
Like many other companies, we run our own mail server -- we don't relay via
our ISP. Unfortunately, neither of our IP address ranges have working
reverse lookups, so most people will see "unknown" in the headers of emails
that we send.
At 08:08 AM 7/30/02 -0700, Scott Taylor wrote:
>This line is from a header in that last message I sent:
>Received: from yangc-s9smikhab (unknown [126.96.36.199])
>Yesterday I put in a filter for ^Received: .*(unknown*)
>to catch a lot of spam, and it worked great, but in about 4 hours I was
>getting calls from people (with poorly set up mail servers?) that were
>sending headers like this.
>Here is the header, is that from the mail server or the client?
> From bwreid at vernon.com Mon Jul 29 14:47:23 2002
> >From rolly Mon Jul 29 14:47:23 2002
>Return-Path: <bwreid at vernon.com>
>Delivered-To: xxxxx at xxxxxxxxxx.com
>Received: from liam.uiscan.com (liam.uiscan.com [188.8.131.52])
> by xxxxxxxxx.com (Postfix) with SMTP id AE6CB85642
> for <xxxxx at xxxxxxxxxxx.com>; Mon, 29 Jul 2002 14:47:22 -0700 (PDT)
>Received: (qmail 21606 invoked from network); 29 Jul 2002 21:48:08 -0000
>Received: from unknown (HELO BWREID) (184.108.40.206)
> by liam.uiscan.com with SMTP; 29 Jul 2002 21:48:08 -0000
>Message-ID: <006d01c23748$4ba54310$9009a8c0 at BWREID>
>Here is the DNS server for that unknown, figures:
>128.77.24.in-addr.arpa. 1800 IN SOA ns2ht.ok.shawcable.net.
>So, what I would like to do is catch these errors, and put them into a
>file like the sanitizer does with the quarantines, so if someone is
>missing an important email from a poorly set up ISP, it can be easily
>Esd-l mailing list
>Esd-l at spconnect.com
More information about the esd-l