NNSquad - Network Neutrality Squad
[ NNSquad ] Re: Liability issues in ISP-injected ad systems?
On Sun, Apr 20, 2008 at 04:07:19PM -0600, Brett Glass wrote: > It is unclear why this would create any more or different vulnerabilities > than one might expect from any other site which contained third party > advertising. One of the negative consequences of this (although it might arguably be considered an existing vulnerability) is that failure to properly return NXDOMAIN breaks any number of anti-spam measures. In particular, it's become a best practice to check the SMTP client's rDNS, the domain HELO'ing in the SMTP transaction, the envelope sender's domain and domains in header fields like "From:" and "Reply-To:". If any of these don't exist, then either there's a misconfiguration on the sending side or it's spam/forgery/phish/whatever. These are simple/cheap sanity checks that have shown themselves to be highly effective (high TP rate, low FP rate) in practice. The best place to check for this is on the SMTP server while the client's connected, but a fallback is in the mail user agent that's presumably connected with POP or IMAP to a user's mail server. In either case, though, if NXDOMAIN results aren't returned, then they're going to break. ---Rsk