[Mimedefang] Checking for a valid sender

Steffen Kaiser skmimedefang at smail.inf.fh-bonn-rhein-sieg.de
Tue Nov 18 10:02:55 EST 2003

On Tue, 18 Nov 2003, Alan Madill wrote:

> A large percentage of spam has a fake from address.  Has anyone
> tried using md_check_against_smtp_server to test the senders
> address?

Think about what are you doing here:

> sub filter_sender {
> 	my ($sender, $ip, $hostname, $helo) = @_;
> 	$supposedsender = $sender;
>  	$sender =~ s/[<>]//g;
> 	$sender =~ /^(.*)\@(.*)/;
> 	$supposedserver = $2;
> 	return md_check_against_smtp_server(
> 		"<postmaster\@mydomain.com>",
> 		$supposedsender,
> 		"mail.mydomain.com",
> 		$supposedserver);
> }
> I haven't tested it yet and the perl wizards can probably get that
> down to  2 lines. :-)

Each time you receive one email, you prentend to sent a mail back to the
server of sender.
Assume, the other server has the very same code applied, hence, it tries
to verify _your_ mail delivery. Hence, it opens a connection to your
Now you get another SMTP connection ....

This scenario might become better, if you use "<>" as Sender.

However, as far as I know you must know the MTA handling this domain,
meaning: MimeDefang does not resolve MX records; that's why many of your
verifications will fail. The function was introduced to verify _your_ own
recipients with _your_ own mail server (e.g. Exchange), for instance on a
mail relay / firewall system that does not know about local users.


Steffen Kaiser

More information about the MIMEDefang mailing list