pilot error? or idiots at microsoft?

Wed, 10 Aug 2011 07:26:38 -0700

so, what brain decided it would be ok to use 169.* addresses for their internal ip's?
was it microsoft? (var says that ms uses these for their internal clustering ip's for clustered exchange servers) 

so, either ms is really being stupid, or the var has something set up wrong.

and.. guess what,  SA doesn't know that 169* addresses are 'internal'


here is a outbound email (note: yes, this is amavisd, so, if you reply, 
trim your cc to the group you subscribe to, thanks).



but our 'outbound' policy maps required a 9+ before its marked spam, so, 
amavisd doesn't know this is outbound email. based on these silly 
169.254.* ip's..


so, anyone ever heard of something so stupid?


x-spam-status:Yes, score=4.603 tag=-999 tag2=4 kill=4 
tests=[APOSTROPHE_FROM=0.545, BAYES_40=-0.001, DCC_REPUT_00_12=-0.4, 
HTML_MESSAGE=0.001, LOCAL_1UB_FORGED=2, RDNS_NONE=0.793, 
SARE_GIF_ATTACH=1.42, SPF_SOFTFAIL=0.665, ST_CREDIT_FOR_TWO=-1.42, 
ST_INLINE_IMAGE=1] autolearn=no



received:from spamtrap2.client.local ([127.0.0.1]) by 
spamtrap2.client.local (spamtrap2.client.local [127.0.0.1]) 
(SpammerTrap(r) SME-500, port 10024) with LMTP id QxTwPcYqMh-9 for 
<u...@example.com>; Wed, 10 Aug 2011 09:57:53 -0400 (EDT)



received:from MBX2.client.local (unknown [172.20.128.25]) (using TLSv1 
with cipher AES128-SHA (128/128 bits)) (No client certificate requested) 
by spamtrap2.client.local (Postfix) with ESMTPS id 6773561C0F5 for 
<u...@example.com>; Wed, 10 Aug 2011 09:57:53 -0400 (EDT)



received:from MBX1.client.local ([169.254.1.69]) by MBX2.client.local 
([169.254.2.63]) with mapi id 14.01.0289.001; Wed, 10 Aug 2011 09:57:51 
-0400

--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
>*| *SECNAP Network Security Corporation

   * Best Mobile Solutions Product of 2011
   * Best Intrusion Prevention Product
   * Hot Company Finalist 2011
   * Best Email Security Product
   * Certified SNORT Integrator


______________________________________________________________________

This email has been scanned and certified safe by SpammerTrap(r). 
For Information please see http://www.secnap.com/products/spammertrap/

______________________________________________________________________  





















					Reply via email to