[CentOS] SPAM on the List

Mon Jul 18 04:03:54 UTC 2011
Les Mikesell <lesmikesell at gmail.com>

On 7/17/11 10:22 PM, Always Learning wrote:
>
>> Multiple interfaces, multiple IP addresses.  Sendmail isn't going to track which
>> interface it is sending on and adjust its greeting.
>
> Sendmail ?  Golly some of us have advanced to more advance systems like
> Exim ;-)

Does it vary it's HELO per interface?  How is it aware of upstream NATs?

> When I complained to Cable&  Wireless who operate mail sending from all
> the UK police forces, they adopted a seemingly unique solution by having
> the identical host name mapped to their different IP addresses. That
> solution solved it for me.

I'm somewhat shocked that they made such a change when there is no standard that 
requires it.

> It is not inbound (to them) that interests me but outbound. Every IP
> address can have a host name, so in theory there is no reason for the
> use of fake (non-existent or wrong) host names when sending emails.

IP addresses do not correspond to hosts.  They correspond to interfaces.  There 
is not a 1 to 1 correspondence between hosts and IPs.

> When a computer application is configured to send emails, part of the
> configuration process permits a host name to be chosen. In theory there
> seems no sensible reason for a fake host name to be used and that must,
> I would have thought, apply to multi-homed, clustered, load-balancers
> etc. There is absolutely nothing to stop several IP addresses having the
> identical host name.

If you like to waste IP addresses, you could add some just to give them names 
that would keep you happy.

>> Just because it doesn't match the IP doesn't make it fake.
>
> There are three reasons why a host name may not match the IP address it
> is operating on.
>
> (1) there is no A record so that host name does not exist;
>
> (2) there is no reverse name for the IP address;

There isn't much correspondence between 1 and 2 either.  The host name, the 
forward DNS entry and reverse DNS entry are all very different things, generally 
managed by different sets of people, even in cases where there is a one to one 
correspondence, which there often isn't.

> (3) the host name belongs to a different IP address;

Or many of them.

> Bogus host names are simply a symptom of a disorganised and neglected
> mail sending (and perhaps also receiving) system where no one takes any
> pride in doing an important job responsibly.

Or people following what the standard says and expecting others to do the same.

-- 
   Les Mikesell
    lesmikesell at gmail.com