Anyone want to guess what happens to all those from addresses it captures?
No doubt.. It's unfortunate that they are running a daemon on port 25 on that
box.. and that it actually lets you helo and mail from.. and not until you
get to rcpt to does it reject.. unless you use a domain its now got cached
in which case it accepts the to: and closes at data. (So, if you rcpt twice,
it'll accept it.. cuz like everyone else, its own dns server resolves
everything)
[netmask@devnull netmask]$ telnet www.oisdufoisdufoisuf.com 25
Trying 64.94.110.11...
Connected to www.oisdufoisdufoisuf.com.
220 snubby3-wceast Snubby Mail Rejector Daemon v1.3 ready
helo ishouldntresolvebutthankstoyouido.com
250 OK
mail from: <ihateverisign@ishouldntresolvebutthankstoyouido.com>
250 OK
rcpt to: <anyone@lkajsdflkjasdflkjasdf.com>
550 User domain does not exist.
rcpt to: <anyone@lkajsdflkjasdflkjasdf.com>
250 OK
data
221 snubby3-wceast Snubby Mail Rejector Daemon v1.3 closing transmission
channel
So then now instead of mail to misspelled domains, instead of
bouncing, now goes to /dev/null and you have no idea that your
critically important piece of information didn't get through?
Neat.
So then now instead of mail to misspelled domains, instead of
bouncing, now goes to /dev/null and you have no idea that your
critically important piece of information didn't get through?
Well, it drops the data channel.. So it should still bounce back, but
regardless.. The remote side returns user unknown when I have sendmail do it:
Sep 15 20:48:23 devnull sendmail[626]: h8G1mEH6000624:
to=<blah@lkjasdflkjasdlf.com>, ctladdr=<netmask@devnull.domain.com> (500/500),
delay=00:00:09, xdelay=00:00:09, mailer=esmtp, pri=30324,
relay=lkjasdflkjasdlf.com. [64.94.110.11], dsn=5.1.1, stat=User unknown
Either way.. I don't trust verisign.. I didn't trust them when we were forced
to use them in the mid-90's, and I certainly don't trust them today.
I read that last message regarding the SSL certs.. I don't think they would go
that far.. but, I didn't think they would go this far either. Verisign and SCO
should team up, they could both win awards on lack of ethics.
In the immortal words of Wayne E. Bouchard (web@typo.org):
So then now instead of mail to misspelled domains, instead of
bouncing, now goes to /dev/null and you have no idea that your
critically important piece of information didn't get through?
You _hope_ it goes to /dev/null.
It might be interesting to seed a few pieces of "accidentally" typo'ed
mail to .net domains and see how many of the "From" addresses get
sales email from Verisign in the coming year.
And I'm sure that the Department of Homeland Security would not be
even slightly interested in performing signal analysis on the vast
majority of mis-typed emails in this and most other countries.
Interesting times.
-n
-----------------------------------------------------------<memory@blank.org>
"So perhaps the factor constraining the Internet's growth is "good taste."
(--Paul Vixie)
<http://blank.org/memory/>---------------------------------------------------