On Friday 27 January 2006 01:13 pm, Ben Scott wrote:
> Anyone else seen this? Is it just net.stupidity on the part of some
> mail server operators somewhere, or are spammers/attackers trying
> something new?

I can imagine a scenario where this may be helpful to people. Can't imagine a way to misuse that sort of entry, but imagine that a company has a mail server on an internal IP address that receives incoming traffic from the outside world through NAT. So that external address gets NAT'd down to the internal address.

Any servers on that internal network that try to send email to their domain look up the external IP and try to connect. Because of the NAT, that may be difficult to route properly. Even if they can get the NAT to translate the stream to the mail server, the mail server will likely just reply directly to the internal address of the client server, because that's the source of the incoming connection post-NAT. This will cause connections to fail and hang and all that stuff.

If, however, they have an MX record for both the internal and external IP addresses and don't set up anything to allow routing from inside to the public IPs, then those machines that might try to connect to it will fail to connect to the first MX record (the public IP) and fall back to the secondary MX record (internal).

It's a hack, but if you don't have good DNS views set up, or have difficult routing with NAT without the ability to do two-way NAT, then it should work.

-N
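
The fallback described in the message above, modelled as an added example that is not part of the original post. The domain, host names and addresses are constructed (203.0.113.25 is a documentation address standing in for the public NAT IP), and reachability is a simple predicate rather than a real connection attempt. It also shows the audit check for MX targets that sit in RFC 1918 space.

```python
import ipaddress

# RFC 1918 private ranges; an MX target here is not reachable from the Internet.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed records for a hypothetical domain: (preference, host, address).
MX_RECORDS = [
    (10, "mail.example.com", "203.0.113.25"),      # public side of the NAT
    (20, "mail-int.example.com", "192.168.1.25"),  # internal mail server
]

def is_rfc1918(addr):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def private_mx_targets(records):
    """Audit check: MX hosts whose address lies in RFC 1918 space."""
    return [host for _, host, addr in records if is_rfc1918(addr)]

def deliver(records, reachable):
    """Try MX hosts in ascending preference order.

    `reachable` models whether this particular sender can connect to an
    address. Returns (chosen host or None, hosts that failed first).
    """
    failed = []
    for _, host, addr in sorted(records):
        if reachable(addr):
            return host, failed
        failed.append(host)
    return None, failed

def inside_view(addr):
    # Internal sender: no usable path to the public IP, internal IP works.
    return is_rfc1918(addr)

def outside_view(addr):
    # External sender: public IP works, the site's private range is not routed.
    return not is_rfc1918(addr)

if __name__ == "__main__":
    print("private MX targets:", private_mx_targets(MX_RECORDS))
    print("inside sender :", deliver(MX_RECORDS, inside_view))
    print("outside sender:", deliver(MX_RECORDS, outside_view))
```

The model treats private space as unreachable from outside; in practice a private address published in public DNS refers to whatever host holds that address on the sender's own network, which is why many sending MTAs skip such MX targets.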