This post has been updated to take out some points that were misunderstood by me and have been clarified and another issue which appears to be resolved.
Okay, I’m spooked. I don’t understand this enough to even claim something is wrong. This is the most bizarre “email situation” I have ever seen.
It began with the government giving the address firstname.lastname@example.org as the email address for citizens to send tip offs to the government about people who have black money. Leaving the Nazi like technique aside, I was puzzled by the address, as the Indian Income Tax Department’s website is incometaxindia.gov.in
So I tried to find the website this email that the government provided belongs to. It doesn’t exist. Okaaay. Does the domain exist? It does. And it seems to be registered to the income tax department as well. So far, so good.
Got a brainwave. If it was a server configured only for email, it wouldn’t be seen by looking up domain, which looks at website address on port 80. So I did an MX lookup (that would be specifically for email server). Bingo! There it was, configuration errors and warnings and all, hosted on a subdomain pdcsmtp02.incometax.gov.in – which apparently is blacklisted for SPAM!!! The IP address for this is 126.96.36.199 (more on this later) and the reverse IP address does not match. It is for mail.incometaxindia.gov.in!!! Which seems to be blacklisted on FIVE spam lists? So the replies to the email will either not be received by people, or they will be received. It is unclear what has got the domains a spam status. The reasons could range from a relatively benign misuse of official address by a few employees to the server being compromised and used to send spam to even worse, the server being infected and emails could be infected too (spam is often the vector for malware, which is why you never click links in it, remember?)
Anyway, spam or not, whatever it was, I thought I’d found the holy grail. I tried going to the subdomain pdcsmtp02.incometax.gov.in. Page never stopped loading. It is still loading as I write this article. I have no idea what is on the other side. This is like a sarkari Darknet site.
I tried pinging it. Nothing. Depending on tool used, DNS service returns “domain not found” “name or service not found” etc.
Something very odd going on with this email address and server configuration. Is that why the Income Tax Department’s server itself is being blacklisted for spam? Given how much the ruling party had done hatchet jobs on Somnath Bharti as a “spammer” without him being on any lists, I wonder what the government is now going to say about the Income Tax Department of INDIA!!!
On a relatively unrelated note, the IP address the Income Tax Department mail server is on, is hosted at DIT Jhandewalan and managed by a Mr. Simanchal Dash using his personal email address on yahoo and uses a Bharti Airtel network. Mr Simanchal Dash is personal secretary to Finance Minister Arun Jaitley. A server is important and official property. It is unclear why the secretary of the Finance Minister controls the server for the income tax department using a private yahoo account, and not an official government email or, for that matter why the government needs to buy network connections from Airtel.
What sorcery is this?
2 thoughts on “What is this address we are supposed to report black money to?”
While it is good to analyze current situation, please do not use unparliamentary language such as : Un-fucking-believable.
Cant speak to much of the networking genius you displayed, but you have successfully driven home the point that sarkari infrastructure related things may be weird and spooky!