So what exactly hosts the mail on ijkfamily.com?
To sum up: Right now, it appears to be just the Trump organization email servers, which does not inspire confidence in their security.
Best as I can tell, as of 8pm Pacific time, it appears that it's hosted by the same servers running Trump org email, possibly hosted by "BBH Solutions" Here's what I did:
1) dig ijkfamily.com MX
yields:
;; ANSWER SECTION:
ijkfamily.com. 3055 IN MX 0 ijkpph01.ijkfamily.com.
ijkfamily.com. 3055 IN MX 0 ijkpph02.ijkfamily.com.
2) dig ijkpph01.ijkfamily.com
yields:
ijkpph01.ijkfamily.com. 3600 IN A 144.121.114.12
3) OK, let's try to telnet to port 25 and see what happens:
telnet 144.121.114.12 25
Trying 144.121.114.12...
Connected to 144.121.114.12.
Escape character is '^]'.
220 MAILHOST01.TRUMPORG.COM ESMTP Mon, 2 Oct 2017 23:03:16 -0400
4) TRUMPORG.COM? Well a server can be configured to say anything here, but, that's interesting. Let's do a sanity check here starting from the "trumporg.com" domain:
dig trumporg.com MX
-->trumporg.com. 3600 IN MX 0 mailhost01.trumporg.com.
dig mailhost01.trumporg.com
-->mailhost01.trumporg.com. 3600 IN A 144.121.114.12
Yup, same IP address as for ijkfamily.com, and therefore, same mail server. Presumably, it's whoever runs the Trump org IT, which is not in fact a commercial mail provider as far as i know. Various researchers in 2016 pointed out Trump org email servers were "horribly insecure" (https://thehackernews.com/2016/10/donald-trump-email-server.html, for example).
None of this inspires confidence.
5) Addendum: Going to http://whois.urih.com and plugging in the 144.121.114.12 address (to see who's hosting the actual servers, or at least proxying them) yields:
http://www.bbhsolutions.com/about-us/
BBH Solutions
2131 Jericho Tpke
Garden City, NY 11040
I don't know of any connection here but the DNS entries seem pretty conclusive -- this isn't being run by a commercial mail provider, but by Trump org internal IT (or vendor(s)).
[Originally published Oct 2, 2017 at https://plus.google.com/115608553892438743738/posts/Fj7vkKssvND]
Subscribe to:
Posts (Atom)
Suspended by the Baby Boss at Twitter
Well! I'm now suspended from Twitter for stating that Elon's jet was in London recently. (It was flying in the air to Qatar at the...
-
Last night Rachel Maddow talked about an apparently fake NSA document "leaked" to her organization. There's a lot of info t... -
Congratulations to the Ficlets teamon their launch(escape?) . In addition to being a neat site, it's also a greatdemonstration of what...
-
XAuth is a lot like democracy: The worst form of user identity prefs, except for all those others that have been tried (apologies to Churc...