Re: ***SPAM*** Re: ***SPAM*** Re: Massive SPAM Increase {-2.6} {-2.6}

--On October 14, 2006 1:44:04 AM -0400 Valdis.Kletnieks@xxxxxx wrote:

On Fri, 13 Oct 2006 22:52:12 CDT, you said:

I'm not sure what you mean by "split inbound and outbound", but any
outbound MX host *should* be listed in DNS.

Tell you what. Explain what an *OUTBOUND* MX is, and I'll see what I
can do.

The machine in question is *NOT* listed as an MX, because it is *NOT* a
machine that should be accepting *inbound* mail for the domain. Its
purpose in life is to send mail to off-campus sites.

It appears that what you're missing is that this one "flaw" is not enough to get mail rejected by policyd-weight. Policyd-weight, much like SA, works on cumulative scoring. One "bad" thing isn't going to get your mail rejected. But, in general, spam, viruses, phishing scams, et. al. will not only not be listed as an MX in DNS, they also won't reverse. They also forge the domain. They also lie about the sender domain. They also come from dialups or from known "spammy" servers. So, the *cumulative* effect is that the mail gets rejected.

One "flaw" such as a missing MX record is not going to cause a problem.

Paul Schmehl (pauls@xxxxxxxxxxxx)
Adjunct Information Security Officer
The University of Texas at Dallas
http://www.utdallas.edu/ir/security/

Attachment: p7s7BPUDwJgQH.p7s
Description: S/MIME cryptographic signature

Relevant Pages

  • Re: Tracing KCC activities besides using Ad diagnostics
    ... becuase of some of the missing connection links in some DC's. ... full, correct information to work with, and the routing and DNS ... detected some missing replication items on the remote DC's but missing DNS ...
    (microsoft.public.win2000.active_directory)
  • Re: DNS signature failed to verify error
    ... Since DNS on both servers only contains the NS record of the SBS ... the Domain.local zone is set to "All DNS servers in the Active ... with things such as the missing NS record? ...
    (microsoft.public.windows.server.dns)
  • Re: replication/connectivity error?
    ... > At least one CNAME record for an AD forest GUID was missing from a DNS ... > - The DNS servers used by this computer contain incorrect root hints. ... (the root zone) ... This must be something simple that I'm missing? ...
    (microsoft.public.windows.server.dns)
  • Re: "Access Denied" message when adding member server in existing
    ... The default SPN registration for 'HOST/silicon.sigma.com' is missing on DC 'congo.sigma.com'. ... PASS - All the DNS entries for DC are registered on DNS server ... List of NetBt transports currently bound to the Redir ...
    (microsoft.public.windows.server.active_directory)
  • Re: how do I remove first DC in site and leave alone second DC?
    ... where are both of these pointing for dns. ... Is the ldap error a "bind" error with an error code associated with it? ... Please do not send e-mail directly to this alias. ... > if you can tell me what I am missing or if you can point me to right ...
    (microsoft.public.win2000.active_directory)