<<<
Chronological Index
>>> <<<
Thread Index
>>>
Re: [ga] Godaddy mail hostname = spam errors and possible security issue?
- To: "ga@xxxxxxxxxxxxxx >> GA" <ga@xxxxxxxxxxxxxx>
- Subject: Re: [ga] Godaddy mail hostname = spam errors and possible security issue?
- From: Andy Gardner <andy@xxxxxxxxxxxxxxx>
- Date: Sat, 1 May 2010 11:02:44 -0500
Mail from a Registrar to a Registrant, rejected due to errors in the
Registrar's mail system is "tough luck" and not a potential security problem
for Registrants?
And a Registrar spoofiing someone else's hostname is cool with you guys?
Sheesh.
On May 1, 2010, at 10:07 AM, Hugh Dierker wrote:
> So this sure looks like an error without a problem.
>
> --- On Fri, 4/30/10, Hugo Monteiro <hugo.monteiro@xxxxxxxxxx> wrote:
>
> From: Hugo Monteiro <hugo.monteiro@xxxxxxxxxx>
> Subject: Re: [ga] Godaddy mail hostname = spam errors and possible security
> issue?
> To: "Andy Gardner" <andy@xxxxxxxxxxxxxxx>
> Cc: "ga@xxxxxxxxxxxxxx >> GA" <ga@xxxxxxxxxxxxxx>
> Date: Friday, April 30, 2010, 3:25 PM
>
> On 04/30/2010 10:04 PM, Andy Gardner wrote:
>> Godaddy appears to use "made up" hostnames for SMTP HELO entries...
>>
>>
>
> Hello Andy,
>
> That is in fact a shame, since the sending hostname DOES have a proper DNS
> setup. Even so, RFC5321 does not mandate that the correct HELO is to be
> provided. From section 4.1.1.1 we can extract:
>
> "(...) The argument clause contains the fully-qualified domain name of the
> SMTP client, if one is available. In situations in which the SMTP client
> system does not have a meaningful domain name (e.g., when its address is
> dynamically allocated and no reverse mapping record is available), the client
> SHOULD send an address literal (...)"
>
>
>> Received: from unknown (HELO gdmailer03.dc1.corp.gd) (208.109.14.188) by
>> m1relayapp01-01.prod.mesa1.secureserver.net with SMTP
>>
>> I can see a couple of problems with this.
>>
>> 1. Many antiSPAM measure reject mail from unknown hosts.
>>
>>
>
>
> True, but that's actually their own problem. If their mail gets rejected,
> tough luck.
>
>
>> 2. corp.gd is a legitimate domain name owned by someone else than than
>> Godaddy.
>>
>> Domain Name: corp.gd
>>
>> Registrant, Technical Contact, Billing Contact, Admin. Contact
>> SRA, MII
>> Private Registration, b-dul Unirii 80, Bacau, , , ,
>> ramsmith59@xxxxxxxxx
>>
>> Romania
>> E-mail:
>> domainmailfwd@xxxxxxxxx
>>
>> Phone: 1.44.7833722420
>> Fax: 1.40.72729289
>>
>> Resource Records (2):
>> ns ns1.register.com
>> ns ns2.register.com
>>
>>
>> One wonders how a major ICANN approved registrar can make such basic
>> technical errors, and leave them in place for YEARS?
>>
>>
>>
>>
>
>
> One possibility is that they have contracted a mailing service from a company
> (corp.gd), which happens to be Godaddy client for a conectivity package, in
> Godaddys own ip netblock.
>
>
> R's,
>
> Hugo Monteiro.
> --
> fct.unl.pt:~# cat .signature
>
> Hugo Monteiro
> Email :
> hugo.monteiro@xxxxxxxxxx
>
> Telefone : +351 212948300 Ext.15307
> Web :
> http://hmonteiro.net
>
>
> Divisão de Informática
> Faculdade de Ciências e Tecnologia da
> Universidade Nova de Lisboa
> Quinta da Torre 2829-516 Caparica Portugal
> Telefone: +351 212948596 Fax: +351 212948548
>
> www.fct.unl.pt apoio@xxxxxxxxxx
>
>
> fct.unl.pt:~# _
>
>
<<<
Chronological Index
>>> <<<
Thread Index
>>>
|