messagelabs.com contact - SMTP-side domaincheck checks IPv4 only, rejects domains with first MX on IPv6

Jeroen Massar jeroen at unfix.org
Mon Jun 6 08:20:09 UTC 2011


On 2011-Jun-06 00:07, Matt Sergeant wrote:
> I'll get someone to contact Ford and see what they are running. From
> google it looks like Exchange. Is this a known bug with Exchange? If so
> I think there's bigger problems than messagelabs :)

Ah good catch, indeed the messagelabs.com SMTP is not the blame here, it
forwards it internally to a ford.com one which rejects it.

One of the mail servers that is broken in that respect upto a very
recent version is Communigate Pro.

As for the backscatter that the above setup can generate, you might want
to implement the same checks on the front-ends, or at least ask the
customers you are forwarding to to disable these checks at least for
your frontend servers as now as you can see, the messagelabs.com smtp
accepted the email and then started rejecting it. If somebody thus
nicely 'forges' (well just fills in a random) email address, the
ford.com server will reject it, and messagelabs starts spamming them
with the full message which is included in the bounce....

Oh, gee, now lets hope spammers don't abuse that 'feature' eh...

Greets,
 Jeroen




More information about the NANOG mailing list