[Date Prev][Date Next][Thread Prev][Thread Next] - [Date Index][Thread Index][Author Index]
Re: Online Satellite Pass Predictions
Steve Meuse wrote:
> IMNSHO, yes. If we expend effort on providing new services they should be for paying members. We need to give more of a reason for people to become members. (don't get me on a rant about the email forwarding service :)
The one that's broken by the improper use of SPF records in the
amsat.org DNS server?
The amsat.org domain/zone file has an inappropriate DNS TXT SPF record
set for the zone amsat.org.
Any serious mail server using SPF record filtering won't accept mail
from anyone using it their amsat.org address.
nate@durango:~$ dig amsat.org txt
; <<>> DiG 9.3.2 <<>> amsat.org txt
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28506
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;amsat.org. IN TXT
;; ANSWER SECTION:
amsat.org. 604800 IN TXT "v=spf1 a mx
a:slowpoke.ucsd.edu ~all"
;; AUTHORITY SECTION:
amsat.org. 152458 IN NS hamradio.ucsd.edu.
;; ADDITIONAL SECTION:
hamradio.ucsd.edu. 72500 IN A 132.239.1.144
;; Query time: 133 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon May 22 21:22:18 2006
;; MSG SIZE rcvd: 132
To explain SPF: The TXT record for SPF in the AMSAT DNS zone says in
essence to all mail servers that implement SPF:
"The only mail server you should EVER receive mail from that has an
amsat.org DNS record is the machine called slowpoke.ucsd.edu."
This means that if you receive mail from your AMSAT mail address and try
to respond to it through your mail server (AMSAT doesn't ALLOW you to
use theirs, of course -- which is perfectly appropriate and fine), then
many mail system admins will have set up their e-mail systems to THROW
AWAY your reply.
This is a broken and completely incorrect use of SPF records for a
domain that is used as a mail catch-all/reflector service.
I hear other people have complained about this and the DNS admin
wouldn't budge. Perhaps bringing it to public light might get something
done about it?
I wouldn't bother to post this, except for that. I'd start with trying
to contact the DNS admin.
nate@durango:~$ dig amsat.org soa
; <<>> DiG 9.3.2 <<>> amsat.org soa
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 24013
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;amsat.org. IN SOA
;; ANSWER SECTION:
amsat.org. 0 IN SOA amsat.org.
brian.ucsd.edu. 16 36000 1800 864000 864000
;; AUTHORITY SECTION:
amsat.org. 152122 IN NS hamradio.ucsd.edu.
;; ADDITIONAL SECTION:
hamradio.ucsd.edu. 72164 IN A 132.239.1.144
;; Query time: 99 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon May 22 21:27:54 2006
;; MSG SIZE rcvd: 125
The DNS records say that's: brian@ucsd.edu
Perhaps Brian really hasn't been contacted, I don't know really. But
this is definitely broken.
a) AMSAT needs to allow slowpoke.ucsd.edu be an open mail relay -- which
is an absolutely HORRIBLE idea, or...
b) The AMSAT DNS admin needs to take that record out of the amsat.org
zone file, or...
c) AMSAT can continue to ignore it and all my mail servers (and hundreds
of others) will continue to ignore mail delivered from
"anyone@amsat.org" that wasn't originated from the slowpoke.ucsd.edu
machine.
You can read up on SPF records at http://www.openspf.org/ and decide for
yourselves if you feel like using AMSAT's mail service. Personally I won't.
If you reply to people with your REAL e-mail address after receiving
mail to your @amsat.org account, then there's no problem -- but if you
try to send mail with your From: header set to "yourcall@amsat.org",
don't be too surprised if people don't get your replies.
This makes an amsat.org remailer address much less useful than it could be.
Nate WY0X
----
Sent via amsat-bb@amsat.org. Opinions expressed are those of the author.
Not an AMSAT member? Join now to support the amateur satellite program!
To unsubscribe, send "unsubscribe amsat-bb" to Majordomo@amsat.org
AMSAT Home