In message <CAArzuost70Yq=KfXHXZSOV+ptg6apiDzm71=FhCS+Ty_yo5OAA@mail.gmail.com>, Suresh Ramasubramanian writes:
On Wed, Sep 5, 2012 at 6:38 AM, Mark Andrews <marka@isc.org> wrote:
MUA's can make MX queries to validate entered addresses before SMTP/SUBMISSION is even attempted.
Sure but not on this guy's network as he's transparently proxying dns and blocking MX requests on his proxy
Well he was looking for software to block the queries. There is a whole mentality that homes don't need X which on closer examination just doesn't bear up to scrutany. This includes blocking SMTP or don't you think home users are entitled to have privacy when it comes to whom they email? STARTTLS from anywhere to anywhere is possible today and is not vulnerable to interception except in the MX's themselves. You can secure the MX records (and their absense) and secure the CERTs used by STARTTLS.
Of course a bot can build up a rich cache of MX records from elsewhere and send from a botted 3g modem connected host on his network -- Mark Andrews, ISC 1 Seymour St., Dundas Valley, NSW 2117, Australia PHONE: +61 2 9871 4742 INTERNET: marka@isc.org