pilot error? or idiots at microsoft?
Michael Scheidell
michael.scheidell at secnap.com
Wed Aug 10 16:48:43 CEST 2011
On 8/10/11 10:33 AM, Michael Orlitzky wrote:
> On 08/10/11 10:26, Michael Scheidell wrote:
>> so, what brain decided it would be ok to use 169.* addresses for their
>> internal ip's?
>>
>> was it microsoft? (var says that ms uses these for their internal
>> clustering ip's for clustered exchange servers
> http://en.wikipedia.org/wiki/Link-local_address
>
I am moving more to assume ms are idiots. this seems to be the default
config for exchange clusters.
So, we open a bugzilla and put 169.254* addresses into 'local_networks'
by default? like rfc1918?
it the example, sa sees the internal (trusted) 172* ip, and sees 'first
untrusted' (the 169* address!)
spf fails, rbls are consulted. all could be avoided if ms actually
followed RFC's
<http://technet.microsoft.com/en-us/magazine/gg314976.aspx>
--
Michael Scheidell, CTO
o: 561-999-5000
d: 561-948-2259
>*| *SECNAP Network Security Corporation
* Best Mobile Solutions Product of 2011
* Best Intrusion Prevention Product
* Hot Company Finalist 2011
* Best Email Security Product
* Certified SNORT Integrator
______________________________________________________________________
This email has been scanned and certified safe by SpammerTrap(r).
For Information please see http://www.secnap.com/products/spammertrap/
______________________________________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.amavis.org/pipermail/amavis-users/attachments/20110810/f6286d69/attachment.html>
More information about the amavis-users
mailing list