[Wolves] MX records

chris procter chris-procter at talk21.com
Thu Feb 17 15:16:42 GMT 2005 

 --- Simon Burke <simon.burke at gmail.com> wrote: 
> HI,
> 
> Currently my mail server (exchange) :( is currently
> setup to just poll
> a pop3 account for e-mail. Which IMO is a waste of
> the exploitive cost
> of exchange,

Actually this setup works reasonably if you expect
your  net connection between the (presumably
externally hosted) pop3 server and your (internally
hosted) exchange server to be unreliable. Mail will
build up on the pop3 server untill exchange next
manages to get a connection to it and download the
emails, wether the connection is down 5 minute or 5
years. Of course it still doesn't need to be exchange,
a *nix mailserver could poll just as well.


> At the momment they are saying 'oh, its less secure
> to do it via MX
> records' (and i get the impression that they dont
> understand how
> e-mail works corectly).

Ahem. find a box with nslookup installed and try
nslookup -type=mx microsoft.com
and you'll find the mx records for microsoft, if that
doesn't ease your security fears ( ;-) ) then try
nslookup -type=mx cia.gov
nslookup -type=mx nsa.gov

Which gives you the CIA and the NSA (a bit of digging
gave me gchq.co.uk as well) mx records respectivly and
if they're not worried about security well does your
company expect the KGB to be interested in them?


> I have until friday to make my presentation
> apparently. Anyway, are
> their any dns guru's about that can help me define
> what mx records
> are, best practices and security related issues.

MX records tell your mailer where to send the mail to.
If you try and send an email to bill at microsoft.com
your mailer looks up the MX record for microsoft.com,
finds their primary mail server is called
maila.microsoft.com, then looks up the A (A for
address) record for maila.microsoft.com to get its ip
address (131.107.3.124) then connects to the
mailserver on that ip address and sends your mail
through to the mailserver program running on it, which
then delivers it to bill (or more likely dumps it
straight away as spam :-)

>From a security point of view MX records are not
really a risk, all the risks come from running a
mailserver. Are they getting confused between MX
records and the server that the MX records point to?
If the MX records point to you (rather then an ISP) it
means you're running your own mailserver and so have
to deal with that set of security risks yourself
instead of paying your ISP to deal with them.

chris


	
	
		
___________________________________________________________ 
ALL-NEW Yahoo! Messenger - all new features - even more fun! http://uk.messenger.yahoo.com

More information about the Wolves mailing list