Re-writing RFC1918 addresses? [Was: Re: Looking for way to mark a zone no-xfer for a sub-domain .]
Josh Higham
bindadmin at bigsky.net
Tue Sep 12 16:11:22 UTC 2000
-----Original Message-----
From: Bill Manning <bmanning at ISI.EDU>
To: Joseph S D Yao <jsdy at cospo.osis.gov>
Cc: Bill Manning <bmanning at ISI.EDU>; comp-protocols-dns-bind at uunet.uu.net
<comp-protocols-dns-bind at uunet.uu.net>
Date: Tuesday, September 12, 2000 8:15 AM
Subject: Re: Re-writing RFC1918 addresses? [Was: Re: Looking for way to mark
a zone no-xfer for a sub-domain .]
>I really don't like getting this type of mail.
>Check the second received line.
[...]
>Received: from atipa.com ([64.64.30.2])
> by procyon.blazenet.net (8.9.3/8.9.3) with ESMTP id GAA18910
> for <jhorn at blazenet.net>; Tue, 12 Sep 2000 06:12:35 -0400 (EDT)
>Received: from thgzg.msn.com (firewall.atipa [192.168.1.1]))
> by atipa.com with SMTP id e8C5FD327645;
> Tue, 12 Sep 2000 00:15:13 -0500
Unless I'm mistaken, the portion that you care about is entirely within your
control. If the machine that sent the spam is behind the firewall, then the
administrator of atipa.com (64.64.30.2) is the person that you should
contact. That person will then be able to catch the actual person sending
the spam, based off this information (they might be the spammer, or it might
be someone at the company). If the header gets rewritten, then you lose
unique identification information, and the administrator of the atipa.com
mailserver no longer has a way to figure out who did the deed.
Josh
More information about the bind-users
mailing list