[62415] in North American Network Operators' Group
Re: Verisign suggestion
daemon@ATHENA.MIT.EDU (Todd Vierling)
Thu Sep 18 08:34:57 2003
Date: Thu, 18 Sep 2003 08:24:40 -0400 (EDT)
From: Todd Vierling <tv@duh.org>
To: David B Harris <david@eelf.ddts.net>
Cc: nanog@merit.edu
In-Reply-To: <20030918003605.6796d602.david@eelf.ddts.net>
Errors-To: owner-nanog-outgoing@merit.edu
On Thu, 18 Sep 2003, David B Harris wrote:
: > ...and for heavens sake, stop accepting any kind of request at all on port
: > 25!! Just shut it down altogether. There is no reason for you to accept
: > any connection of any kind on port 25!
: If they don't accept anything on port 25, either by sending all packets
: to /dev/null or by responding with SYN+RST ("Connection refused"), MTAs
: everywhere will consider this a "temporary error."
Then the wildcard should have included a MX that points to nowhere, rather
than implementing a fake MTA that allows the MAIL FROM and RCPT TO addresses
to be transmitted. The record "IN MX 0 ." is commonly used for this
purpose.
--
-- Todd Vierling <tv@duh.org> <tv@pobox.com>
