Ignoring MX records - how common

Mark_Andrews at isc.org Mark_Andrews at isc.org
Wed Feb 12 06:13:52 UTC 2003 

> > From: Mark_Andrews at isc.org 
> > 	Why do you care?  
> ---
> 	It could be "Ed McMann" with a new way of contacting million
> dollar prize winners?
> 
> 
> >     All such MTAs are BROKEN.  The best thing
> > 	you can do with a broken MTA is to not accept mail from it.
> ---
> 	It depends on who is using the broken MTA.  The maintainers of
> the broken MTA are at fault in running the broken MTA.  That doesn't
> mean the users of that "provider" have control or a clue that anything
> is wrong.  You are spiting the 'users' because of the actions of the
> "admins".  I'd have to say that such a response really isn't "user
> friendly". :-| (str8face)

	It's in the user's interest to get broken software replaced.

	Sending email where is not expected to go results in
	information leaks.  Think about all the web sites that are
	hosted by third parties.  Do you want all your email going
	to the web host?

	There is no excuse to be running a MTA that ignores MX
	records.  Looking for MX records and NOT looking for A
	records if the MX records exists was made MANDITORY 13 years
	ago.
	
> > 	The best way to do that is to not run a SMTP daemon unless
> > 	you are expecting to receive email.
> ---
> 	True, in any event.
> 
> > 	People pandering to broken software results in the continued
> > 	use of broken software.  This in no good for anyone.
> ---
> 	Broken software happens regardless of pandering.  It's like I
> could refuse to listen to anyone that doesn't talk grammatically correct
> English, or doesn't write email with perfect grammar and spelling.  
> Would such an action hurt me more, or will it "show them" and force
> "them" to change?

	Broken software should be detected and removed/fixed as soon as
	possible.

> > 	Well you are doing them a disservice by accepting the email.
> ---
> 	He'd be doing himself a service to accept the email if he knows
> it isn't spam.  I don't think it does the end-user, not running the
> misconfigured MTA, either a service or a disservice.  

	You are doing disservice because you are not feeding back
	to the sender that they are leaking email.  It's just luck
	that the machine is in the same organisation as where the
	MX points to.  I know I would want this stopped if my email
	was being misdirected.

> 	That all said, Simon's idea of sending off a nasty-gram, perhaps 
> to the MTA-postmaster, seems like a good stab at a "least-damage",
> constructive response -- and he can still choose to accept the email
> if it doesn't seem that it is spam -- doesn't that help everyone "win"?
> 
> 	Additionally, if desired, he could also send a copy of the
> MTA-agent-broken email to the user (or a separate email, written to
> be understood by an end-user, describing what action they should take).
> 
> 	People are imperfect.  Shutting out all people who are imperfect
> could be a bit isolating. (?) But, then, I think that's why many of us
> computer types find some solace in computers -- unlike the world, they
> usually work logically.  Unfortunately, as more programs are written by
> non-computer types, I find more programs don't work 'logically'...:-/
> "Help, help! the 'mundanes' are invading!!!" ;^)

	Yes people are imperfect.  The faster you have negative feedback
	the faster you can fix the problem.
	
	Mark
--
Mark Andrews, Internet Software Consortium
1 Seymour St., Dundas Valley, NSW 2117, Australia
PHONE: +61 2 9871 4742                 INTERNET: Mark.Andrews at isc.org

More information about the bind-users mailing list