alec.berry at restontech.com
Thu Sep 4 09:57:24 CDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Mark Andrews wrote:
>> You do realise that there a mail clients that check MX
>> records *before* submitting email (or before on sending the
>> email) so that typos get detected in the client before any
>> email is sent from the client.
I think you are not familiar with the difference between the DROP list
and the XBL. The DROP list is *not* an RBL!
I do not allow any traffic at all to or from the DROP list-- including
MX lookups. I can't think of any good reasons why I would.
The XBL is used only to block mail transport-- it is configured in
sendmail, not at the firewall. The scenario you lay out will still work:
- - end user on a dial up that happens to be on the XBL (common)
- - end user queries MX records, either directly or via their name server
- - end user submits mail to their SMTP server (not on the XBL)
- - SMTP server transports mail to my system
Unless one of those systems mentioned above is a hijacked name server in
Kyiv (and thus on the DROP list), everything will work.
/ Alec Berry \______________________________
| Senior Partner and Director of Technology \
| PGP/GPG key 0xE8E9030F |
| http://alec.restontech.com/#PGP |
| RestonTech, Ltd. |
| http://www.restontech.com/ |
| Phone: (703) 234-2914 |
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----
More information about the NANOG