[AusNOG] Greylisting & Telstra

Mark Delany g2x at juliet.emu.st
Fri Dec 2 11:58:19 EST 2011


> Correct me if im wrong cant you just get this from doing a few simple
> query's ?
> 
>  
> 
> [bruce at nms02-gcomm ~]$ host -t MX bigpond.com

Eh?

The chances of outbound and inbound systems being the same gets rarer
as the service provider gets larger. The only well defined ways of
knowing legit outbound servers are SPF and DKIM. And, as already
observed, SPF is a topology/allocation statement decoupled from the
mail stream so it can (and does) bitrot without the provider noticing.

A second problem with the "host -t" approach (and spf:mx for that
matter) is that it fails to identify most of the A RRs of very large
providers who round-robin their MX responses. Though only a handful of
providers do this and I doubt bigpond has enough traffic to be in this
category.

So, for small fish in a little pond, MX *might* just happen to
identify outbound servers, but otherwise it's more likely to mislead
than to help.


Mark.



More information about the AusNOG mailing list