[time-nuts] Strange reports of bocked messages to timenuts

Bob Johnson timenuts at bobj.org
Sat May 17 22:52:50 EDT 2008


> Re: [time-nuts] Strange reports of bocked messages to timenuts
> From: John Ackermann N8UR <jra at febo.com>
[...]
>
> But what's interesting is that the error has been in place for over two
> years, and this is the first time it's ever caused any problems.  And
> I'm really not sure what the security implication is of an MX pointing
> to a CNAME.  I can see that it could result in lower reliability by
> putting an extra link in the DNS chain, but that's not really a security
> problem.

A spam filter would not normally be configured so that listing on 
rfc-ignorant.org is enough to reject a message, because far to many 
legitimate hosts (often for large corporations) end up listed there. So most 
systems would not reject your mail even if (as many do) they looked you up on 
rfc-ignorant.org, and it's not surprising that it took years to find someone 
anal enough to block you just for that. I'd guess that the domain in question 
will soon discover that they are being overly restrictive and modify their 
spam filtering system. Unfortunately, they will probably never fix the 
backscatter problem - that seems to be working as Microsoft designed it.

I question rfc-ignorant.org's inclusion of a site solely for having an MX 
record point to a CNAME. You aren't supposed to do it, but it only affects 
delivery to your domain, not the reliability of messages from your domain, 
and contrary to popular belief, it is discouraged, not prohibited. The reason 
it is discouraged is that you can create infinite loops that bounce a message 
between two servers using several different aliases (or perhaps a few other 
silly results). But if you don't manage to do that, a server that complies 
with the specification will be able to deliver mail to you (RFC-974 
specifically requires that if the MX record points to a CNAME, the query must 
be repeated with the CNAME).

By the way, after you fix the problem, you need to go to rfc-ignorant.org and 
tell them that you have fixed it so they remove you from their list.

- Bob




More information about the time-nuts mailing list