Verizon is easily fooled by spamming zombies
Patrick W. Gilmore
patrick at ianai.net
Wed Jun 1 17:05:12 UTC 2005
On Jun 1, 2005, at 1:00 PM, Martin Hepworth wrote:
> Patrick W. Gilmore wrote:
>
>> On Jun 1, 2005, at 12:28 PM, Steven Champeon wrote:
>>
>>> IOW, VZ isn't even checking to see if a zombie'd host is forging its
>>> own domain into HELO, regardless of whether it comes from Comcast or
>>> UUNet, and as long as the forged sender has a verizon.net
>>> address, and
>>> the recipient hasn't blocked VZ's silly callback system, the message
>>> is relayed. Thanks, Verizon. We can hear you now.
>>>
>> The other half of this is if you are on VZ's network and try to
>> send mail through their system, you cannot unless you have a
>> "verizon.net" from address. Or at least that was the case when
>> my friend with VZ DSL tried to send e-mail through VZ from her
>> personal domain.
>
> Assuming it does via their systems - most zombies have their own
> smtp engine from what I understand
Zombies do both, but my comment wasn't about zombies, it was about
users. If you are a user with a vanity domain trying to send e-mail
"From: user at vanity.domain", you cannot through VZ's system. Despite
the fact we have spent years telling people they have to use their
local ISP's mail server to send mail out.
Does VZ support SMTP AUTH these days? (My info is over a year old.)
--
TTFN,
patrick
More information about the NANOG
mailing list