Mailing List CGatePro@mail.stalker.com Message #106424
From: Gib Henry <Gib@GibHenry.com>
Subject: Re: Detect Blacklisted by DNS Name
Date: Sat, 20 May 2017 12:59:56 -0500
To: CommuniGate Pro Discussions <CGatePro@mail.stalker.com>

Wow, thanks!  That’s certainly not obvious.  I had always assumed that the  line “Received: from mail14.pikou.vip ([23.110.134.117] verified)” meant that CGP had verified that 23.110.134.117 really was mail14.pikou.vip.  Not so, apparently.  Seems counter-intuitive.  Cheers,
--
Gib Henry


On 5/20/17 10:59 AM, Nicolas Hatier wrote:
The blacklist by DNS name does a PTR request on the IP address.

While mail14.pikou.vip has an A record pointing to 23.110.134.117, 23.110.134.117 does not have a PTR record pointing to mail14.pikou.vip.

Nicolas Hatier, ing. <nicolas.hatier@niversoft.com>
Niversoft idées logicielles - http://www.niversoft.com



On 2017-05-20 10:55, Gib Henry wrote:

I am currently set to block all traffic originating from the top-level domain .vip:

However, that appears to fail, because this message came through:

Return-Path: <23-174-11971677.LjExMC41NC4xNDY-pm-1-1-36983-312-hvotzem524@mail14.pikou.vip>
Received: from mail14.pikou.vip ([23.110.134.117] verified) by…

I see rejections from mrsend.it, so I know the detection can work.  What am I missing in this case?  Can I not block an entire top-level domain?  Cheers,
--
Gib Henry



Subscribe (FEED) Subscribe (DIGEST) Subscribe (INDEX) Unsubscribe Mail to Listmaster