[RFCI-Discuss] DSN listing of secureserver.net

Alex van den Bogaerdt alex at ergens.op.het.net
Tue Oct 24 22:19:51 EDT 2006 

On Tue, Oct 24, 2006 at 07:37:09PM -0400, Alan Brown wrote:

> Who put a bug up your ass today?

Sure, direct your insulting language at me.


> > The funny thing is: I am always thinking this when I see SPF
> > records including "mx ptr", and/or when I see helo parameters
> > that clearly aren't fully qualified domain names for the host.
> 
> Which the remote host accepted - hence the brain damage comment.

No, the remote host did not accept manawatu.net.nz

Accepting messages without a proper helo parameter can be argued
about.  But _you_ were using an improper parameter as an example,
on this list, without realizing it.

And it was _you_ that wrote:

> SPF checks are supposed to be based on the envelope sender address, not
> the source IP address or the EHLO.
> 
> For the record though, it appears that's exactly what they're doing. I'd
> classify this as dain bramaged behaviour.

And then you used manawatu.net.nz as an example to show how stupid
secureserver.net is in your eyes.

-1- This domain, which does exist, has no A record. It should
    not appear in HELO.  Opinions differ if this means a
    receiver has the right to reject or not.  I think they have,
    but I understand if they don't.
-2- This domain does have an SPF record, and it is flawed. Because
    of this, the SPF record does not match the connecting host.
    As a result, the message may be rejected.  There's no doubt
    about this; manawatu.net.nz is literally asking for it.

Clearly you expected the reverse of what happened.  You expected
"helo blah" to be rejected and "ehlo manawatu.net.nz" to be accepted.
Don't even try to deny it.

> > I then start looking for other stuff, such as
> > mx:www.digistar.com, asking me to fetch the MX record for www.digistar.com,
> > and/or including non-existant records like in "include:cpe.cableone.net".
> 
> Did it cross your tiny little mind mind that perhaps I don't own Digistar?

Are you even capable of communicating, or should I only use strong language
when you're around?  If that makes it easier for you: you're an asshole.

I did not claim you do own digistar.  But I do find it more than a
coincidence that someone clearly having no clue about SPF is calling
other people names, and continues to show his ignorence about the subject.

Together with the improper record at digistar, as well as the earlier
example you used (also related to digistar or so it seems) it would not
surprise me at all if you have misconfigured at least part of it.

And I don't really care if you did or did not.  I know you could have.

Now put your insults where the sun doesn't shine and get back on topic.

More information about the RFCI-Discuss mailing list