On Sun, Feb 20, 2000 at 03:41:06PM -0500, Valdis.Kletnieks@vt.edu wrote:
On Sun, 20 Feb 2000 11:59:42 PST, I Am Not An Isp <patrick@ianai.net> said:
This is the problem - a mail server stupid enough to send a bounce to an unverified host name, instead of the connecting IP address.
Stupid or not, that's required by the RFCs. Take a look at this mail, the original From: points at 'vt.edu', which is MX'ed to mail.vt.edu. However, that's NOT the address that the NANOG mailing list is receiving this mail from.
For that matter, did the mail from 'ianai.net' arrive at the NANOG mailing list *from* ianai.net? I see this in the headers:
Received: from pgilmore (PIX46.pgexch.com [208.217.23.46]) by pyrite.eod.onyx.net (8.9.3/8.9.3)
Hmm.. Must be spam we should have rejected, since there's a case to be made that you shouldn't accept mail you can't send a bounce message back to, and your mail obviously came from an unverified IP address...
MTA's don't send bounces to host names in Received: headers, they send bounces to RFC 822 envelope sender addresses. (At least, that's what they're SUPPOSED to do.) Some MTA's will barf when given a bogus MAIL FROM ("Sender domain must resolve") but some will not. The server that is getting deluged by bounces is most likely getting them because the senders are using that domain in the envelope sender, not because of the fake insertion into the Received: headers. --Adam