[Mimedefang] Any samples to validate MAIL FROM's
Steffen Kaiser
skmimedefang at smail.inf.fh-bonn-rhein-sieg.de
Tue Jun 17 07:34:00 EDT 2003
Hello,
I recently found my outqueue filled with bounce messages, that are again
bounced to me, because their delivery was deferred for more than 5 days.
I identified some domains, like localhost.com, whois.sc,
viagraonlinenow.biz and many from-?(country/state).com domains.
They do have a working reverse lookup, hence, they pass the sendmail
check, I guess; but the MX setup is broken, _intentionally_ borken in my
eyes, e.g.:
+ MX record pointing to an MX chain,
+ MX chain finally ends in an A record of 127.x.x.x or some private IP
address,
+ MX chain is recursive (endless loop),
+ to fetch the final (only!) A record times out.
Does somebody already has a working filter for MAIL FROM's in order to
reject that sort of stuff?
Bye,
--
Steffen Kaiser
More information about the MIMEDefang
mailing list