Re: [Asrg] What are the IPs that sends mail for a domain?

Dotzero <dotzero@gmail.com> Wed, 17 June 2009 12:25 UTC

Return-Path: <dotzero@gmail.com>
X-Original-To: asrg@core3.amsl.com
Delivered-To: asrg@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id D02A23A6DDB for <asrg@core3.amsl.com>; Wed, 17 Jun 2009 05:25:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id tdODryBPZrD6 for <asrg@core3.amsl.com>; Wed, 17 Jun 2009 05:25:18 -0700 (PDT)
Received: from qw-out-2122.google.com (qw-out-2122.google.com [74.125.92.27]) by core3.amsl.com (Postfix) with ESMTP id 803883A69B2 for <asrg@irtf.org>; Wed, 17 Jun 2009 05:25:18 -0700 (PDT)
Received: by qw-out-2122.google.com with SMTP id 3so122854qwe.7 for <asrg@irtf.org>; Wed, 17 Jun 2009 05:25:29 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:in-reply-to:references :date:message-id:subject:from:to:cc:content-type :content-transfer-encoding; bh=ZSDA17pmKwtuvx/FyFCXIEYbeMD5rpIZ3JgI7FQW52A=; b=j9MTZsIAagMyRBpww/Dd+mdpwjqIPfAHJPTVlkSuHMz6ZpKdQClJCHu+UVcrJIlmcz WjMG6tgeVjRC4vaGb91MHM7psVe4m/2BYfdMV/yf7Gnb3TYb4fKKWTIPTx6N3KsQ+e7O yI2XSJwjJu/KIU/+VXMSQpIYRZtv7Q37IpVvA=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:content-transfer-encoding; b=JFaADtX4pcNT9YDx6ztstYxTl/IDaedfYK5NeePkcShBFMobvgGd/J7mqCT7Ak4T/3 1BwJQQ5pI+zXGBIku9fAulX/y6UCB1jz+JVbhpBauCEF8eHUqS+rvywzP5xkPPGMF7qz UO6VUYeTC+wxln6/ejXvEp1GeMknB6tMz5UHI=
MIME-Version: 1.0
Received: by 10.220.46.20 with SMTP id h20mr35894vcf.55.1245241529004; Wed, 17 Jun 2009 05:25:29 -0700 (PDT)
In-Reply-To: <9112777.1871245190785748.JavaMail.franck@iphone-4.genius.local>
References: <4515812.1851245190668283.JavaMail.franck@iphone-4.genius.local> <9112777.1871245190785748.JavaMail.franck@iphone-4.genius.local>
Date: Wed, 17 Jun 2009 08:25:28 -0400
Message-ID: <7ae58c220906170525s32c0e9f8p7c42f97e34cc0524@mail.gmail.com>
From: Dotzero <dotzero@gmail.com>
To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Subject: Re: [Asrg] What are the IPs that sends mail for a domain?
X-BeenThere: asrg@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
Reply-To: Anti-Spam Research Group - IRTF <asrg@irtf.org>
List-Id: Anti-Spam Research Group - IRTF <asrg.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/asrg>
List-Post: <mailto:asrg@irtf.org>
List-Help: <mailto:asrg-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/asrg>, <mailto:asrg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 17 Jun 2009 12:25:20 -0000

On Tue, Jun 16, 2009 at 6:20 PM, Franck Martin<franck@avonsys.com> wrote:
> I recently encountered the following question/problems.
>
> I have a mail server and one of my users complains he is not receiving
> emails from a domain. How do I find if I have blocked the domain from
> sending to my server. Meaning, knowing the domain name of the sender, how do
> I find the IPs from where the mail could be sent from. It seems that SPF is
> the only tool to provide that answer?
>

One approach that might help you is to go to senderscore.org (from
ReturnPath). Register for a free account and then enter in the domain
name. For example, when I enter in avonsys.com it shows me that there
is one IP address sending mail for that domain - 76.203.192.33 with a
hostname of adsl-76-203-192-33.dsl.rcsntx.sbcglobal.net.

Hope this helps.


> In another related problem, which is linked to IPv6 and RBL. Buidling an
> IPv6 RBL could lead to a huge database. Sure you can alleviate by using
> "wildcards", but why not use the reverse DNS resolution to add a TXT record
> associated to the IP to indicate the IP is the one of a mail server? So any
> IP that does not have this record would be blocked for SMTP. As IPv6 is not
> used for SMTP (or barely), this could be made mandatory for IPv6 and
> optional for IPv4. An MUA could talk to an MTA on port 25 because we know
> the the etwork range of the MUA or the alternative is to use the new mail
> submit port.
>
> _______________________________________________
> Asrg mailing list
> Asrg@irtf.org
> http://www.irtf.org/mailman/listinfo/asrg
>
>