Security Basics mailing list archives

Re: Mail relay question


From: Ansgar -59cobalt- Wiechers <bugtraq () planetcobalt net>
Date: Sat, 23 Feb 2008 12:05:46 +0100

On 2008-02-22 Nick Vaernhoej wrote:
> I should have been more clear, I consider it spam due to my leaning
> towards not being open to relay.
> The vast majority of the spam appears to be returned email because the
> destination domain doesn't have a recipient for the email.

That's called backscatter, and as long as there are braindead mail
server admins who configure their server to accept mail before checking
whether it can actually be delivered you will just have to live with it.

There are ways to deal with it, though. For example you can put an
additional header (X-Canary or something) with some arbitrary string
into all your outgoing mail, and discard all backscatter that doesn't
contain this string.

> I guess knowing the little I do about email mechanisms I don't
> understand why the IP of the connecting client can craft an email FROM
> a domain the IP does not resolve to?

Take a look at snail mail. The sender can write arbitrary sender
addresses on the letter as well as the envelope. E-mail is just the
same.

[...]
> Depends, my thought was that my wife will trust anything sent to her
> as long as it appears to come from me.

She's assuming wrong. You'd need digital signatures (like e.g. PGP) to
ensure the authenticity of an e-mail (and its sender).

Regards
Ansgar Wiechers
-- 
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
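
The X-Canary filter described in the reply above, as an added example that is not part of the original post: outgoing mail is stamped with the header, and a bounce is kept only if the message it quotes carries the same string. The token value, the addresses and all function names are constructed for illustration.

```python
import email
from email import policy
from email.message import EmailMessage

CANARY_HEADER = "X-Canary"                 # header name suggested in the post
CANARY_VALUE = "constructed-7f3a91c2e5d0"  # constructed secret string; choose your own

def tag_outgoing(msg: EmailMessage) -> EmailMessage:
    """Stamp outgoing mail so that genuine bounces carry the canary back."""
    del msg[CANARY_HEADER]                 # no-op if the header is absent
    msg[CANARY_HEADER] = CANARY_VALUE
    return msg

def bounce_is_ours(raw_bounce: bytes) -> bool:
    """True if the bounce quotes a message that carried our canary."""
    bounce = email.message_from_bytes(raw_bounce, policy=policy.default)
    for part in bounce.walk():
        # Top-level headers are written by the bouncing server, so skip them.
        quoted = str(part.get(CANARY_HEADER, "")).strip()
        if part is not bounce and quoted == CANARY_VALUE:
            return True                    # original attached as message/rfc822
        if part.get_content_maintype() == "text":
            try:                           # text/rfc822-headers or quoted plain text
                if CANARY_VALUE in part.get_content():
                    return True
            except (LookupError, UnicodeError):
                continue                   # undecodable part: treat as no canary
    return False

def sample_message(tagged: bool) -> EmailMessage:
    """Constructed original message, with or without the canary."""
    msg = EmailMessage()
    msg["From"] = "nick@example.org"
    msg["To"] = "nobody@example.net"
    msg.set_content("test body")
    return tag_outgoing(msg) if tagged else msg

def sample_bounce(original: EmailMessage) -> bytes:
    """Constructed bounce that attaches `original` (sample input)."""
    dsn = EmailMessage()
    dsn["From"] = "MAILER-DAEMON@mx.example.net"
    dsn["Subject"] = "Undelivered Mail Returned to Sender"
    dsn.set_content("No such user: nobody@example.net")
    dsn.add_attachment(original)           # becomes a message/rfc822 part
    return dsn.as_bytes()

if __name__ == "__main__":
    for tagged in (True, False):
        keep = bounce_is_ours(sample_bounce(sample_message(tagged)))
        print(f"original tagged={tagged}: {'keep' if keep else 'discard'}")
```

A fixed string is visible to every recipient of your mail, so this filters backscatter from forgers who have never seen one of your messages; bounces that return neither the original headers nor the body cannot be matched and would be discarded as well.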

