[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: fooling MTAs.
>body and envelope
Ok, I know that. And I can almost understand about the thing about the
SMTP server friendlily warning about 'may be spoofed'. What I don't
understand is, why does it accept the message if the From: domain is not
the same as the IP of the incoming connection resolved by the name server
?! Normally I would enforce dropping connections with the From: domain not
resolving to the sender IP (or an accepted sender from an ACL).
Out of line: I was thinking about SMTP and long haul mail transmissions.
You know, there is a thing called ping time, the time a radio signal
requires to fly up and down to/from a sattelite or pass through zillions
of wavelengths of fiber or copper wire. In SMTP the smallest number of
question-reply pairs required to pass a connection is of 6. This means
that the smallest mail message (null body) passes through a channel of ANY
speed (no matter how fast) within MORE than 6*ping_time.
If the ping_time is 0.3 sec (optimistical value over the Atlantic Ocean,
i.e. from Israel to the States) then the shortest time required to pass
an email via SMTP is of 1.8 seconds. With 10,000 messages to pass this is
18,000 seconds, 300 minutes or 5 hours.
I infer that *NOONE* (sane) is using SMTP over long-haul. So what is being
used ? A variation of UUCP batch mail over TCP ? BTW, noone could afford
to send email if he had to pay for 1.8 seconds of sattelite channel air
time for each message.
subject for rumination....
regards,
Peter
(plp@actcom.co.il)