From owner-cvs-all Wed Jul 29 20:37:38 1998
Return-Path:
Received: (from daemon@localhost)
          by hub.freebsd.org (8.8.8/8.8.8) id UAA21009
          for cvs-all-outgoing; Wed, 29 Jul 1998 20:37:38 -0700 (PDT)
          (envelope-from owner-cvs-all)
Received: from spinner.netplex.com.au (spinner.netplex.com.au [202.12.86.3])
          by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id UAA21000
          for ; Wed, 29 Jul 1998 20:37:34 -0700 (PDT)
          (envelope-from peter@netplex.com.au)
Received: from spinner.netplex.com.au (localhost [127.0.0.1])
          by spinner.netplex.com.au (8.8.8/8.8.8/Spinner) with ESMTP id LAA04703;
          Thu, 30 Jul 1998 11:08:22 +0800 (WST)
          (envelope-from peter@spinner.netplex.com.au)
Message-Id: <199807300308.LAA04703@spinner.netplex.com.au>
X-Mailer: exmh version 2.0.2 2/24/98
To: Nate Williams
cc: Sean Eric Fagan, committers@FreeBSD.ORG
Subject: Re: sendmail 8.9.x
In-reply-to: Your message of "Wed, 29 Jul 1998 17:33:32 CST."
             <199807292333.RAA00686@mt.sri.com>
Date: Thu, 30 Jul 1998 11:08:22 +0800
From: Peter Wemm
Sender: owner-cvs-all@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

Nate Williams wrote:
> > >> I think this should be on by default when we ship:
> > >>
> > >> FEATURE(relay_based_on_MX)
> > >
> > >Can we do both? Both are perfectly reasonable options that stop the
> > >grand majority of relay abuse.
> >
> > The first does not stop the grand majority of relay abuse. I can speak as an
> > expert here.
> >
> > The second is less so, but still abusable, and will still likely result in
> > blackholing.
>
> Both are abusable.

The second generally isn't abusable by spammers. In order to abuse the
second (relay_based_on_MX) they would need to be able to control the
recipient's DNS server. IE: if they wanted to use your machine to relay
to (say) aol.com, then they would have to (somehow) add your machine to
the list of MX handlers for aol.com. This is beyond simple spammers as it
requires either DNS hacking or a break-in of the nameserver host(s) for the
target.. And if you were going to break into the remote system in order to
list all the sites that you wanted to relay mail to them, then it'd be a
hell of a lot easier to simply just mail from the host that was attacked.

What the second doesn't stop, is if somebody "out there" decides to list
your.machine.com as a fallback MX for their.domain.com. If they go down,
your machine will start getting mail in its queue even though you've
never heard of them before. This is different to spamming, it's theft of
resources.

However, back in the early days of the internet when it was one big happy
family, people had casual arrangements for fallback MX's all over the
place and keeping track of these was pretty hit-and-miss. I know that some
of our machines are fallback MX's for sites that we have not heard from
since 1993 or 1994 or so, because they occasionally pop up as a relaying
denied in our logs. I suspect many other older ISP's are in the same
boat - if we had relay_based_on_MX back when we first turned on anti-relay
checks, things would have been a hell of a lot smoother.

The risk of course is that a spammer contacts your.machine.com to relay to
their.domain.com, which of course will work.. But at least they'd have to
pass the other anti-relaying stuff (such as RBL) as well, and it's the
target machine's fault anyway.

> Nate

Cheers,
-Peter
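
The relay decision discussed in this message, as an added example that is not part of the original e-mail and is not sendmail's own ruleset: a simplified Python model of an MX-based relay check, plus an audit that lists domains naming your host as an MX without a known arrangement. The MX table, LOCAL_DOMAINS and the .example host names are constructed assumptions.

```python
# Added illustration: simplified model of an MX-based relay check.
# All MX data below is constructed sample data, not real DNS.
LOCAL_HOST = "your.machine.com"
LOCAL_DOMAINS = {"machine.com"}          # assumed: domains we deliver locally

MX_TABLE = {                              # domain -> [(preference, exchanger)]
    "aol.com": [(10, "mx1.aol.example"), (20, "mx2.aol.example")],
    "their.domain.com": [(10, "mail.their.domain.com"),
                         (50, "your.machine.com.")],
    "customer.example": [(10, "mail.customer.example"),
                         (50, "your.machine.com")],
}


def _norm(name):
    """Lower-case a DNS name and drop the trailing root dot."""
    return name.strip().rstrip(".").lower()


def recipient_domain(rcpt):
    """Domain part of an envelope recipient, or None if unqualified."""
    _, sep, domain = rcpt.strip().strip("<>").rpartition("@")
    return _norm(domain) if sep else None


def lists_us_as_mx(domain, mx_table=MX_TABLE, local_host=LOCAL_HOST):
    """True if any MX record for `domain` names this host."""
    records = mx_table.get(_norm(domain), [])
    return any(_norm(host) == _norm(local_host) for _, host in records)


def relay_allowed(rcpt, mx_table=MX_TABLE):
    """Accept local mail; relay only when the recipient's MX set names us."""
    domain = recipient_domain(rcpt)
    if domain is None or domain in LOCAL_DOMAINS:
        return True                       # local delivery, not relaying
    return lists_us_as_mx(domain, mx_table)


def unapproved_mx_domains(approved, mx_table=MX_TABLE):
    """Domains naming us as an MX that are not on our approved list."""
    ok = {_norm(d) for d in approved}
    return sorted(d for d in mx_table
                  if lists_us_as_mx(d, mx_table) and _norm(d) not in ok)


if __name__ == "__main__":
    for rcpt in ("<user@aol.com>", "user@their.domain.com", "postmaster"):
        print(rcpt, "->", "accept" if relay_allowed(rcpt) else "Relaying denied")
    print("review:", unapproved_mx_domains({"customer.example"}))
```

In this model the aol.com recipient is refused because no aol.com MX record names the local host, while their.domain.com is accepted solely because its own zone lists your.machine.com, which is the case the audit function surfaces for review.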