[Mimedefang] Net::DNS module for DNS lookups

Mike Smith mike at ftl.com
Wed Jul 9 12:19:01 EDT 2003


Dave Shepherd said:
>     # nslookup -q=mx for-2.com
>     Server:  falcon.vixel.com
>     Address:  X.X.X.X
>
>     Non-authoritative answer:
>     for-2.com       preference = 50, mail exchanger = mail-fwd.boca15-verio.com
>
> These domains don't match ( 0x50a132cb.virnxx2.adsl-dhcp.tele.dk  is not
> FOR-2.com ).
> This seems to be very typical of many spam messages. If a message is From:
> friend at ibm.com
> then shouldn't it be arriving from some system at hostname.ibm.com ??

 You are talking about 2 different beasts here. MX records are for routing incoming
mail to that domain. This machine may not be the same machine you use for outbound
mail. I.e., I could have mail.ftl.com for my inbound, and it's listed via an MX entry
in my zone file. However, I could have another machine, smtp.ftl.com, that could be
used for all my outbound traffic.

>
> What the effects would be if I rejected email in these cases. This could easily be
> done using the Perl module Net::DNS

 I wouldn't recommend rejecting based on that. You will find that you drop a lot of
legit mail.

 Case in point. I sent myself a message from Yahoo and this was the outbound server:
Received: from web20302.mail.yahoo.com (web20302.mail.yahoo.com [216.136.226.83])

 Now if you do a 'dig yahoo.com mx', you'll notice that the MX holders for yahoo are
mx1.mail.yahoo.com, mx2.mail.yahoo.com and mx4.mail.yahoo.com.

 Hope this helps.

 -Mike
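
The check discussed in this thread, as an added example that is not part of the original post or of MIMEDefang: it applies the "relay must be one of the sender domain's MX hosts" rule to the two cases quoted above and shows that the legitimate Yahoo message fails it just like the suspicious one. The MX sets are embedded from the thread instead of being looked up live (in a filter that lookup would be done with Net::DNS); the sender addresses, the address 192.0.2.10 and all function names are constructed for illustration.

```python
import re

# MX hosts as quoted in the thread, embedded so the example runs offline.
MX = {
    "for-2.com": {"mail-fwd.boca15-verio.com"},
    "yahoo.com": {"mx1.mail.yahoo.com", "mx2.mail.yahoo.com",
                  "mx4.mail.yahoo.com"},
}

# (envelope sender, Received line). The Yahoo Received line is from the thread;
# the sender addresses and 192.0.2.10 are constructed sample values.
SAMPLES = [
    ("someone@yahoo.com",
     "Received: from web20302.mail.yahoo.com "
     "(web20302.mail.yahoo.com [216.136.226.83])"),
    ("someone@for-2.com",
     "Received: from 0x50a132cb.virnxx2.adsl-dhcp.tele.dk "
     "(0x50a132cb.virnxx2.adsl-dhcp.tele.dk [192.0.2.10])"),
]

# Take the reverse-DNS name the receiving MTA recorded in parentheses,
# not the HELO name, which the client chooses freely.
RECEIVED_RE = re.compile(
    r"^Received:\s+from\s+\S+\s+\((?P<host>[^\s\[\]]+)\s+\[[0-9a-fA-F.:]+\]\)")

def relay_host(received):
    """Return the normalised relay hostname, or None if the line does not parse."""
    m = RECEIVED_RE.match(received)
    return m.group("host").rstrip(".").lower() if m else None

def sender_domain(addr):
    return addr.rsplit("@", 1)[-1].rstrip(".").lower()

def relay_is_listed_mx(sender, received, mx_table=MX):
    """The proposed rule: True only if the relay is an MX host of the sender's domain."""
    host = relay_host(received)
    mx = {h.rstrip(".").lower() for h in mx_table.get(sender_domain(sender), ())}
    return host is not None and host in mx

def evaluate(samples=SAMPLES):
    return [(s, relay_host(r), relay_is_listed_mx(s, r)) for s, r in samples]

if __name__ == "__main__":
    for sender, host, ok in evaluate():
        verdict = "accept" if ok else "REJECT"
        print(f"{sender:20} relay={host:40} listed_mx={ok!s:5} -> {verdict}")
```

Both samples come back with `listed_mx=False`, so a reject rule built on this comparison cannot tell the Yahoo outbound server from the DSL host.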







