ICANN/GNSO GNSO Email List Archives

[ga]


<<< Chronological Index >>>    <<< Thread Index >>>

Re: [ga] Godaddy mail hostname = spam errors and possible security issue?

  • To: Andy Gardner <andy@xxxxxxxxxxxxxxx>
  • Subject: Re: [ga] Godaddy mail hostname = spam errors and possible security issue?
  • From: Hugo Monteiro <hugo.monteiro@xxxxxxxxxx>
  • Date: Fri, 30 Apr 2010 23:25:00 +0100

On 04/30/2010 10:04 PM, Andy Gardner wrote:

Godaddy appears to use "made up" hostnames for SMTP HELO entries...

Hello Andy,

That is in fact a shame, since the sending hostname DOES have a proper DNS setup. Even so, RFC5321 does not mandate that the correct HELO is to be provided. From section 4.1.1.1 we can extract:

"(...) The argument clause contains the fully-qualified domain name of the SMTP client, if one is available. In situations in which the SMTP client system does not have a meaningful domain name (e.g., when its address is dynamically allocated and no reverse mapping record is available), the client SHOULD send an address literal (...)"


Received:       from unknown (HELO gdmailer03.dc1.corp.gd) (208.109.14.188) by 
m1relayapp01-01.prod.mesa1.secureserver.net with SMTP

I can see a couple of problems with this.

1. Many antiSPAM measure reject mail from unknown hosts.


True, but that's actually their own problem. If their mail gets rejected, tough luck.


2. corp.gd is a legitimate domain name owned by someone else than than Godaddy.

Domain Name:               corp.gd

Registrant, Technical Contact, Billing Contact, Admin. Contact
   SRA, MII
   Private Registration, b-dul Unirii 80, Bacau, , , , ramsmith59@xxxxxxxxx
   Romania
   E-mail:                  domainmailfwd@xxxxxxxxx
   Phone:                   1.44.7833722420
   Fax:                     1.40.72729289

Resource Records (2):
                            ns      ns1.register.com
                            ns      ns2.register.com


One wonders how a major ICANN approved registrar can make such basic technical 
errors, and leave them in place for YEARS?




One possibility is that they have contracted a mailing service from a company (corp.gd), which happens to be Godaddy client for a conectivity package, in Godaddys own ip netblock.


R's,

Hugo Monteiro.

--
fct.unl.pt:~# cat .signature

Hugo Monteiro
Email    : hugo.monteiro@xxxxxxxxxx
Telefone : +351 212948300 Ext.15307
Web      : http://hmonteiro.net

Divisão de Informática
Faculdade de Ciências e Tecnologia da
                   Universidade Nova de Lisboa
Quinta da Torre   2829-516 Caparica   Portugal
Telefone: +351 212948596   Fax: +351 212948548
www.fct.unl.pt                apoio@xxxxxxxxxx

fct.unl.pt:~# _



<<< Chronological Index >>>    <<< Thread Index >>>