[Mimedefang] Checking for a valid sender

Jim McCullars jim at info.uah.edu
Tue Nov 18 09:57:05 EST 2003

On Tue, 18 Nov 2003, Alan Madill wrote:

> A large percentage of spam has a fake from address.  Has anyone
> tried using md_check_against_smtp_server to test the senders
> address?

   That function is for checking local recipients, not remote senders.

> sub filter_sender {
> 	my ($sender, $ip, $hostname, $helo) = @_;
> 	$supposedsender = $sender;
>  	$sender =~ s/[<>]//g;
> 	$sender =~ /^(.*)\@(.*)/;
> 	$supposedserver = $2;
> 	return md_check_against_smtp_server(
> 		"<postmaster\@mydomain.com>",
> 		$supposedsender,
> 		"mail.mydomain.com",
> 		$supposedserver);
> }

  You can't just strip off the domain name of a sender and assume that
there is a mail server at that address.  For this to even approach
working, you would have to do a DNS lookup on the domain in question and
look for MX records to get a mail server name.

  Furthermore, many domain mail servers (like yahoo.com, unless they have
changed this very recently) will respond with a "recipient OK" status
during the SMTP exchange whether the recipient exists or not.  It's only
later that they bounce if it isn't a valid yahoo.com user.

  Finally, even if you got both of those points resolved, what if someone
else with the same idea tried to send you email (or you tried to send
them)?  You go and try to validate him, which causes him to try and
validate you, which causes another slave on your end to try and validate
him, which causes....you get the idea.

More information about the MIMEDefang mailing list