[Mimedefang] MX resolves to localhost

Mike Batchelor mikebat at gmail.com
Mon Aug 16 17:38:21 EDT 2004


On Mon, 16 Aug 2004 14:03:39 -0700, matthew.van.eerde at hbinc.com
<matthew.van.eerde at hbinc.com> wrote:
> Mike Batchelor wrote:
> > I want to reject mail for domains that resolve to 127.0.0.1 or that
> > have MX records with hostnames that resolve to 127.0.0.1
> 
> Or do you mean you are accepting MAIL FROM: bad.example.com, and bad.example.com has MX 127.0.01?

That's the one.  Or bad.example.com has MX mail.example.com, which
resolves to 127.0.0.1.

> If this is rejected, then you in turn reject the MAIL FROM: with a 5xx Sorry, if joe at example.com doesn't want to receive mail from <>, I don't want mail from him.

I totally agree, and I may do that for untrusted domains in the
future, but it's a high cost option at this point, and I don't know if
it would be worth it. I'd rather do some Net::DNS code to check the A
record for the domain's MX, or the domain's A record itself, and
reject if any of them resolve to 127.0.0.1.  I was wondering if anyone
had already done this and had some code to post.  I haven't used
Net::DNS before, and mimedefang-filter is about the most complex perl
I have dealt with, so, being a n00b I was hoping to get an example I
could adapt to my installation.



More information about the MIMEDefang mailing list