2017/10/02

What exactly hosts the mail on ijkfamily.com?

So what exactly hosts the mail on ijkfamily.com?

To sum up: Right now, it appears to be just the Trump organization email servers, which does not inspire confidence in their security.

Best as I can tell, as of 8pm Pacific time, it appears that it's hosted by the same servers running Trump org email, possibly hosted by "BBH Solutions". Here's what I did:

1) dig ijkfamily.com MX
yields:
;; ANSWER SECTION:
ijkfamily.com. 3055 IN MX 0 ijkpph01.ijkfamily.com.
ijkfamily.com. 3055 IN MX 0 ijkpph02.ijkfamily.com.

2) dig ijkpph01.ijkfamily.com
yields:
ijkpph01.ijkfamily.com. 3600 IN A 144.121.114.12

3) OK, let's try to telnet to port 25 and see what happens:

telnet 144.121.114.12 25
Trying 144.121.114.12...
Connected to 144.121.114.12.
Escape character is '^]'.
220 MAILHOST01.TRUMPORG.COM ESMTP Mon, 2 Oct 2017 23:03:16 -0400

4) TRUMPORG.COM? Well, a server can be configured to say anything here, but that's interesting. Let's do a sanity check here, starting from the "trumporg.com" domain:
dig trumporg.com MX
-->trumporg.com. 3600 IN MX 0 mailhost01.trumporg.com.
dig mailhost01.trumporg.com
-->mailhost01.trumporg.com. 3600 IN A 144.121.114.12

Yup, same IP address as for ijkfamily.com, and therefore, same mail server. Presumably, it's whoever runs the Trump org IT, which is not in fact a commercial mail provider as far as I know. Various researchers in 2016 pointed out Trump org email servers were "horribly insecure" (https://thehackernews.com/2016/10/donald-trump-email-server.html, for example).

None of this inspires confidence.

5) Addendum: Going to http://whois.urih.com and plugging in the 144.121.114.12 address (to see who's hosting the actual servers, or at least proxying them) yields:

http://www.bbhsolutions.com/about-us/
BBH Solutions
2131 Jericho Tpke
Garden City, NY 11040

I don't know of any connection here but the DNS entries seem pretty conclusive -- this isn't being run by a commercial mail provider, but by Trump org internal IT (or vendor(s)).
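The cross-check in steps 1 to 4, as an added example that is not part of the original post: it parses the dig lines quoted above (embedded as sample input) and reports which domains' MX hosts resolve to the same address. The function names are hypothetical, and ijkpph02, for which the post shows no A record, is reported as unresolved rather than guessed.

```python
import re
from collections import defaultdict

# Sample input: the MX and A lines quoted in the post, including its "-->" prefix.
# The post shows no A record for ijkpph02, so none is supplied here.
DIG_OUTPUT = """\
;; ANSWER SECTION:
ijkfamily.com. 3055 IN MX 0 ijkpph01.ijkfamily.com.
ijkfamily.com. 3055 IN MX 0 ijkpph02.ijkfamily.com.
ijkpph01.ijkfamily.com. 3600 IN A 144.121.114.12
-->trumporg.com. 3600 IN MX 0 mailhost01.trumporg.com.
-->mailhost01.trumporg.com. 3600 IN A 144.121.114.12
"""

# owner, TTL (ignored), class IN, type MX or A, rdata; comment lines never match.
RR = re.compile(r"^(?:-->)?\s*(\S+)\s+\d+\s+IN\s+(MX|A)\s+(.+)$")

def norm(name):
    """DNS names are case-insensitive; drop the trailing root dot."""
    return name.rstrip(".").lower()

def parse_records(text):
    """Return (mx, a): domain -> [(preference, exchanger)], host -> {IPv4}."""
    mx, a = defaultdict(list), defaultdict(set)
    for line in text.splitlines():
        m = RR.match(line.strip())
        if not m:
            continue
        owner, rtype, rdata = m.groups()
        if rtype == "MX":
            pref, exchanger = rdata.split()
            mx[norm(owner)].append((int(pref), norm(exchanger)))
        else:
            a[norm(owner)].add(rdata.strip())
    return mx, a

def mail_ips(mx, a):
    """domain -> (resolved mail IPs, exchangers with no A record seen)."""
    out = {}
    for domain, exchangers in mx.items():
        hosts = [h for _pref, h in sorted(exchangers)]
        ips = set().union(*(a[h] for h in hosts if h in a))
        out[domain] = (ips, [h for h in hosts if h not in a])
    return out

def shared_hosts(text):
    """IP -> sorted domains, for IPs that receive mail for more than one domain."""
    by_ip = defaultdict(set)
    for domain, (ips, _unresolved) in mail_ips(*parse_records(text)).items():
        for ip in ips:
            by_ip[ip].add(domain)
    return {ip: sorted(d) for ip, d in by_ip.items() if len(d) > 1}
```

A shared A record shows the two domains deliver to the same address; the SMTP banner from step 3 is a separate and weaker signal since, as the post notes, a server can be configured to say anything there.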

[Originally published Oct 2, 2017 at https://plus.google.com/115608553892438743738/posts/Fj7vkKssvND]
