[RCU] Misconfigured Mailing List DNS
roundcube at ptld.com
roundcube at ptld.com
Sun Aug 15 22:51:54 CEST 2021
>> "The sender-SMTP MUST ensure that the <domain> parameter in a HELO
>> command is a valid principal host domain name for the client host."
>> BULLSHIT - "a valid principal host domain name for the client host" is
>> exactly that - not more and not less!
>> it's not enough that you can read, you also need to understand what
>> you need
>> "for the client host" meaning *NOT* FCrDNS - you are a moron
> and to make it clear: "a valid principal host domain name" is defined
> by https://datatracker.ietf.org/doc/html/rfc952
> come back when you found FCrDNS or PTR there
You are right, reading is not the same as comprehension. rfc952 simply
goes over valid string characters allowed in a domain name. There is
nothing in there about the meaning of the terms "valid principal host
domain name". That link does not support either yours or my position. It
is only telling you what characters are allowed in a domain name.
What you are doing is cherry picking words in a sentence out of context.
Try reading the sentence in it entirety. Words have meaning. First off,
they say "a valid principal host domain name". Why do you think there
are so many words in there and they just didn't say "a domain name".
Just saying "a domain name" would support your argument that the only
requirement is just a domain name as defined by rfc952.
But they didn't just say "a domain name", they said a "valid" and
"principal host" domain name. Why be repetitive saying "valid" if it is
to only mean correct characters when just saying "domain" already
encompasses that? Unless "valid" in that context has more meaning? Oh
wait it does, they want a valid "principal host" domain name. Not just a
valid domain name. Do they say "valid IP" every where in the RFC's when
they talk about an IP? No because its already implied. Do they even say
"valid domain" everywhere in the RFC's when they talk about domains? No
they don't. So an intelligent person would understand the usage of that
world has more meaning than just being a domain. Its already self
implied because if its wasn't valid, meaning having the proper
characters, it wouldn't be a "domain" by their definitions.
Using your logic the sentence should read:
"a valid principal valid host valid domain valid name"
Now moving on, what is a "principal host". A principal host is an
identifier to a type of service and its host. It's talked about a lot in
RFC4120. The tl;dr is that in all cases where the RFC's talk about
principle names and principle host its always in context of being able
to identify that service and server its hosted on. That would involve
some kind of lookup mechanism, some way to resolve a string name
(domain) to a location (IP) meaning... DNS.
Now for the 2nd part of that sentence. It says, and the most important
part, "for the client host". A non DNS unresolving domain name as you
claim, wouldn't be for ANY host as it would not map to any server. So
not only do they say the HELO *MUST* be a valid principal host (name
that identifies service and host) domain name but that it must be for
"the client host", as in the client that connected to the mail server.
Meaning the "valid" (aka resolving) domain must be for that connecting
host, meaning FCrDNS. Your "fuck.this" is NOT for that client host
because it does not map back to that host therefor making it NOT a valid
domain for THAT client host.
But wait, there is more. Back to RFC-821 Section 3.5 it also says:
"The HELO receiver MAY verify that the HELO parameter really corresponds
to the IP address of the sender."
Now i know this takes some critical thinking and reading comprehension,
but i will pose this question to you. Why would they say receiving
servers MAY verify that the HELO corresponds to the IP of the sender if
their intention of "a valid principal host domain name" only meant valid
characters in a domain name that doesn't need to exist in DNS or be
FCrDNS? Notice the use of "really corresponds"? In English that implies
it was already the assumed that it DID correspond. Meaning they are
starting from the position that the HELO *IS* FCrDNS.
More proof of intent? They then say "the receiver MUST NOT refuse to
accept a message, even if the sender's HELO command fails verification".
Why would they say that if it was assumed that the HELO wasn't FCrDNS to
begin with? If "a valid principal host domain name" only meant valid
domain characters and didn't have anything to do with DNS there would be
nothing to verify, and they would be operating from a starting point
with the assumption it would never verify. But in reality the RFC
authors are staring from the assumption that the HELO is FCrDNS because
they clearly say it *MUST* be and that is why they then follow up with
telling people, but if it doesn't verify as is expected it should,
receiving servers should still accept the message.
> "fuck.this" is a "a valid principal host domain name"
According to the RFC's it is not. It does not identify a service type
nor server host where you could find said service.
[root]# nslookup fuck.this.
** server can't find fuck.this: NXDOMAIN
At best "fuck.this" meets the requirements of valid characters in a
> as full service provider you may host websites and dns but not the
What does that mean or prove? Yeah lots of people don't host their own
mail servers because they are complicated and difficult for people to
understand and get right. Case and point. But even people who use google
or outlook to host their mail servers are still expected to setup their
DNS correctly for it to work right. Guess what? Google and Microsoft use
FCrDNS for their HELO. So what is your point? That not hosting your own
mail server means you don't need proper DNS and it will just work with
> you are a moron
> bullshit - you don't understand what you read
> you are a clueless moron
> i am allergic against bullshit
You know insults and name calling doesn't make you right. It just makes
you look like a little angry person with over compensation and
projection issues. If someone is misinformed, educate them, explain to
them why as im trying to do for you. Insulting people isn't helping
More information about the users