14 May 17:00
Re: Mx lookup
From: Mark Blackman <mark <at> exonetric.com>
Subject: Re: Mx lookup
Newsgroups: gmane.mail.postfix.user
Date: 2008-05-14 15:00:00 GMT
Subject: Re: Mx lookup
Newsgroups: gmane.mail.postfix.user
Date: 2008-05-14 15:00:00 GMT
On 14 May 2008, at 15:53, Blake Hudson wrote: > -------- Original Message -------- > Subject: Re: Mx lookup > From: Mark Blackman <mark <at> exonetric.com> > To: Charles Marcus <CMarcus <at> Media-Brokers.com> > Date: Wednesday, May 14, 2008 9:41:51 AM >> >> On 14 May 2008, at 15:34, Charles Marcus wrote: >> >>>>> Just log into your OpenDNS account and disable 'Typo >>>>> Corrections' and >>>>> you're good to go... >>> >>>> Thanks, I certainly didn't realize that option existed, but >>>> how does that deal with malicious conflicting IP entries? >>>> >>>> i.e. >>>> user A declares they do queries from IP A and turn off typo >>>> correction >>>> user B declares they do queries from IP A *as well* and turn >>>> *on* typo >>>> correction. >>> >>> ? What do users have to do with it? This is on a server. If you have >>> your mail server DNS pointed at OpenDNS, it simply uses OpenDNS. You >>> need to have an account with them (free), which is associated >>> with your >>> IP address(es) in the 'Networks' section. >> >> I don't think it's uncommon to have a postfix system sitting behind >> a NAT IP address with a public IP address shared by web clients >> in the same office. First person to sign up with that *shared* >> public IP >> address controls the settings as far as I can tell and that might >> not be >> the system administrator. >> >> - Mark >> >> > Perhaps someone should contact OpenDNS, as mx lookups may not be > suitable for "typo correction". The reasons being that 1) it breaks > software that rely on nxdomain responses (specifically common in > MTAs); 2) even if an email made it to the intended destination > server, that server would likely reject the message because the > domain or mailbox doesn't exist (because of the typo). as Charles pointed out, the typo correction feature can be turned off by the first person to declare that IP as theirs (by registering *from* that IP) and the typo correction is done on the A record lookup that follows a failed MX lookup, I believe and so it's a bit tough to discern intentions for that case. - Mark > > e.g. I email user5 <at> gmaill.com - > Oh no, gmaill.com doesn't exist, but typo correction saves the day > and figures out you meant to send to user5 <at> gmail.com > Your server sends to gmail, but oh wait! gmail.com's mail servers > don't accept email for gmaill.com, your message is rejected. > > This detection could have happened earlier and the message never > left the sender's client... I don't see any win for using typo > correction on MX records... AGain, perhaps a registered user of > OpenDNS could let them know about this issue. > > -Blake
RSS Feed