Globalsign sends Mails through ns01.globalsign.com, technically via google Mailservers
We got a SSL certificate renewed. This is what we got:
Jun 25 12:10:18 smtp postfix/smtpd: ... RCPT from ns1.globalsign.com[18.104.22.168]: 450 4.2.0 <firstname.lastname@example.org>: ... from=<email@example.com> ... proto=ESMTP helo=<ns1.globalsign.com>
ns1.globalsign.com, a nameserver, is sending SSL renewal mails? Whatelse is running on those machines? The perlscript that creates/signes the certificates, webserver, etc. Is globalsigns private key to sign the certificates also on this machine?
The MX for globalsign is google-mail:
# dig -t mx globalsign.com ;; QUESTION SECTION: ;globalsign.com. IN MX ;; ANSWER SECTION: globalsign.com. 900 IN MX 20 alt1.aspmx.l.google.com. globalsign.com. 900 IN MX 20 alt2.aspmx.l.google.com. globalsign.com. 900 IN MX 10 aspmx.l.google.com. globalsign.com. 900 IN MX 30 aspmx3.googlemail.com. globalsign.com. 900 IN MX 30 aspmx4.googlemail.com. globalsign.com. 900 IN MX 30 aspmx2.googlemail.com. globalsign.com. 900 IN MX 30 aspmx5.googlemail.com.
Thats why i only trust myself and create only self-signed-certificates for my services. I do not throw money at those companies that just start a perlscript to generate a ssl-cert i can create the same way…