[Mimedefang] Net::DNS module for DNS lookups

Dave Shepherd Dave.Shepherd at Vixel.com
Wed Jul 9 11:55:01 EDT 2003


I find in my spam logs a lot or email arriving from system that appear 
to be home pc.

For example:

    RelayHostname = 0x50a132cb.virnxx2.adsl-dhcp.tele.dk   
    ip = 80.161.50.203
    To: user-deleted at vixel.com
    From: tony_clarke_vt at FOR-2.COM
    Subject: add 3 inches

If I perform a MX record lookup on the senders domain

    # nslookup -q=mx for-2.com
    Server:  falcon.vixel.com
    Address:  X.X.X.X

    Non-authoritative answer:
    for-2.com       preference = 50, mail exchanger =
    mail-fwd.boca15-verio.com

These domains don't match ( 0x50a132cb.virnxx2.adsl-dhcp.tele.dk  is 
not  FOR-2.com ).
This seem to be very typical of many spam messages. If a message is 
From: friend at ibm.com
then shouldn't it be arriving from some system at hostname.ibm.com ??

What the effects would be if I rejected email in these cases. This could 
easily
be done using the Perl module Net::DNS






More information about the MIMEDefang mailing list