Re: [ga] Godaddy mail hostname = spam errors and possible security issue?

["Jeffrey A. Williams" <jwkckid1@xxxxxxxxxxxxx>]

Andy and all,

  It appears so given what Hugo stated below.  Very sloppy and 
not registrant friendly either.


-----Original Message-----
>From: Andy Gardner <andy@xxxxxxxxxxxxxxx>
>Sent: May 1, 2010 11:02 AM
>To: "ga@xxxxxxxxxxxxxx >> GA" <ga@xxxxxxxxxxxxxx>
>Subject: Re: [ga] Godaddy mail hostname = spam errors and possible security 
>issue?
>
>
>
>Mail from a Registrar to a Registrant, rejected due to errors in the 
>Registrar's mail system is "tough luck" and not a potential security problem 
>for Registrants?
>
>And a Registrar spoofiing someone else's hostname is cool with you guys?
>
>Sheesh.
>
>
>On May 1, 2010, at 10:07 AM, Hugh Dierker wrote:
>
>> So this sure looks like an error without a problem.
>> 
>> --- On Fri, 4/30/10, Hugo Monteiro <hugo.monteiro@xxxxxxxxxx> wrote:
>> 
>> From: Hugo Monteiro <hugo.monteiro@xxxxxxxxxx>
>> Subject: Re: [ga] Godaddy mail hostname = spam errors and possible security 
>> issue?
>> To: "Andy Gardner" <andy@xxxxxxxxxxxxxxx>
>> Cc: "ga@xxxxxxxxxxxxxx >> GA" <ga@xxxxxxxxxxxxxx>
>> Date: Friday, April 30, 2010, 3:25 PM
>> 
>> On 04/30/2010 10:04 PM, Andy Gardner wrote:
>>> Godaddy appears to use "made up" hostnames for SMTP HELO entries...
>>>   
>>> 
>> 
>> Hello Andy,
>> 
>> That is in fact a shame, since the sending hostname DOES have a proper DNS 
>> setup. Even so, RFC5321 does not mandate that the correct HELO is to be 
>> provided. From section 4.1.1.1 we can extract:
>> 
>> "(...) The argument clause contains the fully-qualified domain name of the 
>> SMTP client, if one is available. In situations in which the SMTP client 
>> system does not have a meaningful domain name (e.g., when its address is 
>> dynamically allocated and no reverse mapping record is available), the 
>> client SHOULD send an address literal (...)"
>> 
>> 
>>> Received:   from unknown (HELO gdmailer03.dc1.corp.gd) (208.109.14.188) by 
>>> m1relayapp01-01.prod.mesa1.secureserver.net with SMTP
>>> 
>>> I can see a couple of problems with this.
>>> 
>>> 1. Many antiSPAM measure reject mail from unknown hosts.
>>>   
>>> 
>> 
>> 
>> True, but that's actually their own problem. If their mail gets rejected, 
>> tough luck.
>> 
>> 
>>> 2. corp.gd is a legitimate domain name owned by someone else than than 
>>> Godaddy.
>>> 
>>> Domain Name:               corp.gd
>>> 
>>> Registrant, Technical Contact, Billing Contact, Admin. Contact
>>>   SRA, MII
>>>   Private Registration, b-dul Unirii 80, Bacau, , , , 
>>> ramsmith59@xxxxxxxxx
>>> 
>>>   Romania
>>>   E-mail:                  
>>> domainmailfwd@xxxxxxxxx
>>> 
>>>   Phone:                   1.44.7833722420
>>>   Fax:                     1.40.72729289
>>> 
>>> Resource Records (2):
>>>                            ns      ns1.register.com        
>>>                            ns      ns2.register.com        
>>> 
>>> 
>>> One wonders how a major ICANN approved registrar can make such basic 
>>> technical errors, and leave them in place for YEARS?
>>> 
>>> 
>>>   
>>> 
>> 
>> 
>> One possibility is that they have contracted a mailing service from a 
>> company (corp.gd), which happens to be Godaddy client for a conectivity 
>> package, in Godaddys own ip netblock.
>> 
>> 
>> R's,
>> 
>> Hugo Monteiro.
>> -- 
>> fct.unl.pt:~# cat .signature
>> 
>> Hugo Monteiro
>> Email         : 
>> hugo.monteiro@xxxxxxxxxx
>> 
>> Telefone : +351 212948300 Ext.15307
>> Web      : 
>> http://hmonteiro.net
>> 
>> 
>> Divisão de Informática
>> Faculdade de Ciências e Tecnologia da
>>                 Universidade Nova de Lisboa
>> Quinta da Torre   2829-516 Caparica   Portugal
>> Telefone: +351 212948596   Fax: +351 212948548
>> 
>> www.fct.unl.pt                apoio@xxxxxxxxxx
>> 
>> 
>> fct.unl.pt:~# _
>> 
>> 
>
>
Regards,

Jeffrey A. Williams
Spokesman for INEGroup LLA. - (Over 294k members/stakeholders and growing, 
strong!)
"Obedience of the law is the greatest freedom" -
   Abraham Lincoln

"Credit should go with the performance of duty and not with what is very
often the accident of glory" - Theodore Roosevelt

"If the probability be called P; the injury, L; and the burden, B; liability
depends upon whether B is less than L multiplied by
P: i.e., whether B is less than PL."
United States v. Carroll Towing  (159 F.2d 169 [2d Cir. 1947]
===============================================================
Updated 1/26/04
CSO/DIR. Internet Network Eng. SR. Eng. Network data security IDNS. div. of
Information Network Eng.  INEG. INC.
ABA member in good standing member ID 01257402 E-Mail jwkckid1@xxxxxxxxxxxxx
Phone: 214-244-4827