undefined | Better HN

0 pointsselfhoster115y ago0 comments

> Where are you going to find a list of all ip addresses hosting SMTP and IMAP servers?

Shodan is a readily available database of such data. Just search for all hosts with IMAP, SMTP and POP3 ports exposed and then block those. Alternatively, a DIY scan of the whole IPv4 address range can be accomplished within hours or days.

IPv6 address space is harder to scan, but it's arguably safe to ban all such traffic since nearly nothing critical uses IPv6.

0 comments

2 comments · 1 top-level

Ekaros5y ago· 1 in thread

Or even simpler. Just scan all domains for MX records... That information is not even secret, but openly advertised.

folmar5y ago

MX is not crucial for email, everything falls back to A. I have an email server with no MX in production for years now. Not the most important one, but in use.

Edited to add: there is a tiny fraction of providers that would reject the emails from such a setup, but it's really not common and does not include large providers.

j / k navigate · click thread line to collapse